Search Results (1247 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-4808 2 Canonical, Gnu 2 Ubuntu Linux, Binutils 2026-04-16 N/A
Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050714 allows user-assisted attackers to have an unknown impact via a crafted .s file.
CVE-2000-0824 1 Gnu 1 Glibc 2026-04-16 N/A
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.
CVE-2003-0826 1 Gnu 1 Lsh 2026-04-16 N/A
lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_commands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attackers to execute arbitrary code via a heap-based buffer overflow attack.
CVE-2005-1111 4 Canonical, Debian, Gnu and 1 more 4 Ubuntu Linux, Debian Linux, Cpio and 1 more 2026-04-16 4.7 Medium
Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.
CVE-2001-0884 2 Gnu, Redhat 4 Mailman, Linux, Powertools and 1 more 2026-04-16 N/A
Cross-site scripting vulnerability in Mailman email archiver before 2.08 allows attackers to obtain sensitive information or authentication credentials via a malicious link that is accessed by other web users.
CVE-2005-1039 1 Gnu 1 Coreutils 2026-04-16 N/A
Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, (2) mknod, or (3) mkfifo is running with the -m switch, allows local users to modify permissions of other files.
CVE-2003-0795 4 Gnu, Quagga, Redhat and 1 more 5 Zebra, Quagga, Enterprise Linux and 2 more 2026-04-16 N/A
The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference.
CVE-2005-0990 2 Gnu, Redhat 2 Sharutils, Enterprise Linux 2026-04-16 N/A
unshar (unshar.c) in sharutils 4.2.1 allows local users to overwrite arbitrary files via a symlink attack on the unsh.X temporary file.
CVE-2000-0335 2 Gnu, Isc 2 Glibc, Bind 2026-04-16 N/A
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results.
CVE-2005-0988 7 Freebsd, Gentoo, Gnu and 4 more 13 Freebsd, Linux, Gzip and 10 more 2026-04-16 N/A
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.
CVE-1999-0612 2 Gnu, Microsoft 4 Finger Service, Fingerd, Windows 2000 and 1 more 2026-04-16 N/A
A version of finger is running that exposes valid user information to any entity on the network.
CVE-2003-0367 2 Debian, Gnu 2 Debian Linux, Gzip 2026-04-16 6.2 Medium
znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2005-0758 3 Canonical, Gnu, Redhat 3 Ubuntu Linux, Gzip, Enterprise Linux 2026-04-16 N/A
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
CVE-2001-0522 2 Gnu, Redhat 2 Privacy Guard, Linux 2026-04-16 N/A
Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file.
CVE-1999-0017 9 Caldera, Freebsd, Gnu and 6 more 11 Openlinux, Freebsd, Inet and 8 more 2026-04-16 N/A
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
CVE-2024-57360 1 Gnu 1 Binutils 2026-04-15 5.5 Medium
https://www.gnu.org/software/binutils/ nm >=2.43 is affected by: Incorrect Access Control. The type of exploitation is: local. The component is: `nm --without-symbol-version` function.
CVE-2024-52867 1 Gnu 1 Guix 2026-04-15 8.1 High
guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns (e.g., for setuid and setgid programs) are properly addressed. The vulnerability can be remediated within the product via certain pull, reconfigure, and restart actions. Both 5ab3c4c and 5582241 are needed to resolve the vulnerability.
CVE-2025-46803 1 Gnu 1 Screen 2026-04-15 5 Medium
The default mode of pseudo terminals (PTYs) allocated by Screen was changed from 0620 to 0622, thereby allowing anyone to write to any Screen PTYs in the system.
CVE-2025-46802 1 Gnu 1 Screen 2026-04-15 6 Medium
For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session.
CVE-2025-46804 1 Gnu 1 Screen 2026-04-15 3.3 Low
A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that would otherwise not be available. Affected are older Screen versions, as well as version 5.0.0.