Search Results (1261 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2397 1 Gnu 1 Phpbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in guestbook.php in phpBook 1.46 allows remote attackers to inject arbitrary web script or HTML via the admin parameter.
CVE-2004-0778 2 Gnu, Redhat 2 Cvs, Enterprise Linux 2026-04-16 N/A
CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned.
CVE-2005-1705 2 Gnu, Redhat 2 Gdb, Enterprise Linux 2026-04-16 N/A
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.
CVE-1999-0150 1 Gnu 1 Fingerd 2026-04-16 N/A
The Perl fingerd program allows arbitrary command execution from remote users.
CVE-2000-0959 1 Gnu 1 Glibc 2026-04-16 N/A
glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack.
CVE-1999-0719 1 Gnu 1 Gnumeric 2026-04-16 N/A
The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code.
CVE-2005-1520 1 Gnu 1 Mailutils 2026-04-16 N/A
Buffer overflow in the header_get_field_name function in header.c for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a crafted e-mail.
CVE-2001-1267 2 Gnu, Redhat 3 Tar, Enterprise Linux, Linux 2026-04-16 N/A
Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot).
CVE-2004-2459 1 Gnu 1 Gnubiff 2026-04-16 N/A
Unknown vulnerability in gnubiff 1.2.0 and earlier allows local users to obtain passwords, related to the password table.
CVE-2003-0826 1 Gnu 1 Lsh 2026-04-16 N/A
lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_commands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attackers to execute arbitrary code via a heap-based buffer overflow attack.
CVE-2005-3573 2 Gnu, Redhat 2 Mailman, Enterprise Linux 2026-04-16 N/A
Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote attackers to cause a denial of service (application crash).
CVE-2004-0984 1 Gnu 1 Mailutils 2026-04-16 N/A
Unknown vulnerability in the dotlock implementation in mailutils before 1:0.5-4 on Debian GNU/Linux allows attackers to gain privileges.
CVE-2004-0581 2 Gnu, Mandrakesoft 3 Ksymoops, Mandrake Linux, Mandrake Linux Corporate Server 2026-04-16 N/A
ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp.
CVE-2004-0576 1 Gnu 1 Radius 2026-04-16 N/A
The radius daemon (radiusd) for GNU Radius 1.1, when compiled with the -enable-snmp option, allows remote attackers to cause a denial of service (server crash) via malformed SNMP messages containing an invalid OID.
CVE-2005-1523 1 Gnu 1 Mailutils 2026-04-16 N/A
Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via format string specifiers in the command tag for IMAP commands.
CVE-2001-0522 2 Gnu, Redhat 2 Privacy Guard, Linux 2026-04-16 N/A
Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file.
CVE-2004-1382 2 Gnu, Redhat 2 Glibc, Enterprise Linux 2026-04-16 N/A
The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968.
CVE-2005-1522 1 Gnu 1 Mailutils 2026-04-16 N/A
The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service (CPU consumption) via a large range value in the FETCH command.
CVE-2006-0300 2 Gnu, Redhat 2 Tar, Enterprise Linux 2026-04-16 N/A
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.
CVE-2005-1431 2 Gnu, Redhat 2 Gnutls, Enterprise Linux 2026-04-16 N/A
The "record packet parsing" in GnuTLS 1.2 before 1.2.3 and 1.0 before 1.0.25 allows remote attackers to cause a denial of service, possibly related to padding bytes in gnutils_cipher.c.