Filtered by vendor Gnu
Subscribe
Total
1196 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6271 | 17 Apple, Arista, Canonical and 14 more | 85 Mac Os X, Eos, Ubuntu Linux and 82 more | 2026-04-22 | 10.0 HIGH | 9.8 CRITICAL |
| GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix. | |||||
| CVE-2014-6278 | 1 Gnu | 1 Bash | 2026-04-22 | 10.0 HIGH | 8.8 HIGH |
| GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277. | |||||
| CVE-2014-7169 | 17 Apple, Arista, Canonical and 14 more | 85 Mac Os X, Eos, Ubuntu Linux and 82 more | 2026-04-22 | 10.0 HIGH | 9.8 CRITICAL |
| GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271. | |||||
| CVE-2026-4046 | 1 Gnu | 1 Glibc | 2026-04-20 | N/A | 7.5 HIGH |
| The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and IBM1399 character sets from systems that do not need them. | |||||
| CVE-2025-32990 | 2 Gnu, Redhat | 3 Gnutls, Enterprise Linux, Openshift Container Platform | 2026-04-20 | N/A | 6.5 MEDIUM |
| A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system. | |||||
| CVE-2000-0803 | 1 Gnu | 1 Groff | 2026-04-16 | 10.0 HIGH | N/A |
| GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff. | |||||
| CVE-2004-1349 | 2 Gnu, Oracle | 2 Gzip, Solaris | 2026-04-16 | 2.1 LOW | N/A |
| gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the permissions of files that are hard linked to the target files, which allows local users to view or modify these files. | |||||
| CVE-2005-1039 | 1 Gnu | 1 Coreutils | 2026-04-16 | 3.7 LOW | N/A |
| Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, (2) mknod, or (3) mkfifo is running with the -m switch, allows local users to modify permissions of other files. | |||||
| CVE-2004-0968 | 2 Gnu, Redhat | 3 Glibc, Enterprise Linux, Enterprise Linux Desktop | 2026-04-16 | 2.1 LOW | N/A |
| The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files. | |||||
| CVE-2005-0988 | 7 Freebsd, Gentoo, Gnu and 4 more | 13 Freebsd, Linux, Gzip and 10 more | 2026-04-16 | 3.7 LOW | N/A |
| Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete. | |||||
| CVE-2003-0038 | 1 Gnu | 1 Mailman | 2026-04-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters. | |||||
| CVE-2005-2541 | 1 Gnu | 1 Tar | 2026-04-16 | 10.0 HIGH | N/A |
| Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges. | |||||
| CVE-2000-0947 | 1 Gnu | 1 Cfengine | 2026-04-16 | 10.0 HIGH | N/A |
| Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command. | |||||
| CVE-2005-0758 | 2 Canonical, Gnu | 2 Ubuntu Linux, Gzip | 2026-04-16 | 4.6 MEDIUM | N/A |
| zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script. | |||||
| CVE-2005-0080 | 2 Gnu, Ubuntu | 2 Mailman, Ubuntu Linux | 2026-04-16 | 5.0 MEDIUM | N/A |
| The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 displays a different error message depending on whether the e-mail address is subscribed to a private list, which allows remote attackers to determine the list membership for a given e-mail address. | |||||
| CVE-2001-1132 | 1 Gnu | 1 Mailman | 2026-04-16 | 7.5 HIGH | N/A |
| Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication. | |||||
| CVE-2005-3355 | 1 Gnu | 1 Gnump3d | 2026-04-16 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values". | |||||
| CVE-2001-0290 | 1 Gnu | 1 Mailman | 2026-04-16 | 4.6 MEDIUM | N/A |
| Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords. | |||||
| CVE-2005-2180 | 1 Gnu | 1 Gnats | 2026-04-16 | 2.1 LOW | N/A |
| gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when installed setuid, does not properly check files passed to the -o argument and opens the file with write access, which allows local users to overwrite arbitrary files. | |||||
| CVE-2004-0548 | 2 Gentoo, Gnu | 2 Linux, Aspell | 2026-04-16 | 7.2 HIGH | N/A |
| Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the (1) "c" compress option or (2) "d" decompress option. | |||||