Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu vulnerabilities and exploits
(subscribe to this query)
614
VMScore
CVE-2011-4355
GNU Project Debugger (GDB) prior to 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts.
Gnu Gdb 6.1
Gnu Gdb 6.1.1
Gnu Gdb 5.2.1
Gnu Gdb 6.3
Gnu Gdb 5.1.1
Gnu Gdb 6.7.1
Gnu Gdb 6.2
Gnu Gdb 5.2
Gnu Gdb 4.18
Gnu Gdb 5.1
Gnu Gdb 7.3.1
Gnu Gdb 5.0
Gnu Gdb 7.2
Gnu Gdb 5.0.92
Gnu Gdb 6.5
Gnu Gdb 6.4
Gnu Gdb 7.4
Gnu Gdb 7.0
Gnu Gdb 6.8
Gnu Gdb 7.3
Gnu Gdb 6.2.1
Gnu Gdb 6.6
383
VMScore
CVE-2011-0707
Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py in GNU Mailman 2.1.14 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) full name or (2) username field in a confirmation message.
Gnu Mailman 2.1.13
Gnu Mailman 2.1.5
Gnu Mailman 2.1.11
Gnu Mailman 2.0.5
Gnu Mailman 2.0.1
Gnu Mailman 2.1.5.8
Gnu Mailman 2.1.3
Gnu Mailman 2.0.11
Gnu Mailman 2.0.6
Gnu Mailman 2.0
Gnu Mailman 2.1.8
Gnu Mailman 1.1
Gnu Mailman 2.0.14
Gnu Mailman 2.0.12
Gnu Mailman 2.1.2
Gnu Mailman 2.0.9
Gnu Mailman 2.1.9
Gnu Mailman 2.0.3
Gnu Mailman 2.1
Gnu Mailman 2.1.14
Gnu Mailman 2.0.13
Gnu Mailman 2.1.6
1000
VMScore
CVE-2014-6277
GNU Bash up to and including 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote malicious users to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and...
Gnu Bash 4.0
Gnu Bash 4.3
Gnu Bash 3.2.48
Gnu Bash 1.14.3
Gnu Bash 4.1
Gnu Bash 2.05
Gnu Bash 1.14.1
Gnu Bash 3.0
Gnu Bash 2.01
Gnu Bash 2.04
Gnu Bash 2.0
Gnu Bash 2.01.1
Gnu Bash 1.14.7
Gnu Bash 3.1
Gnu Bash 1.14.6
Gnu Bash 1.14.2
Gnu Bash 1.14.4
Gnu Bash 4.2
Gnu Bash 2.02.1
Gnu Bash 3.0.16
Gnu Bash 1.14.5
Gnu Bash 1.14.0
3 EDB exploits
4 Github repositories
1000
VMScore
CVE-2014-6278
GNU Bash up to and including 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote malicious users to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feat...
Gnu Bash 4.0
Gnu Bash 4.3
Gnu Bash 3.2.48
Gnu Bash 1.14.3
Gnu Bash 4.1
Gnu Bash 2.05
Gnu Bash 1.14.1
Gnu Bash 3.0
Gnu Bash 2.01
Gnu Bash 2.04
Gnu Bash 2.0
Gnu Bash 2.01.1
Gnu Bash 1.14.7
Gnu Bash 3.1
Gnu Bash 1.14.6
Gnu Bash 1.14.2
Gnu Bash 1.14.4
Gnu Bash 4.2
Gnu Bash 2.02.1
Gnu Bash 3.0.16
Gnu Bash 1.14.5
Gnu Bash 1.14.0
5 EDB exploits
12 Github repositories
760
VMScore
CVE-2008-5659
The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and previous versions uses a predictable seed based on the system time, which makes it easier for context-dependent malicious users to conduct brute force attacks against cryptographic routines that use this class for ...
Gnu Classpath 0.14
Gnu Classpath 0.90
Gnu Classpath 0.15
Gnu Classpath 0.97.1
Gnu Classpath
Gnu Classpath 0.17
Gnu Classpath 0.16
Gnu Classpath 0.9
Gnu Classpath 0.96.1
Gnu Classpath 0.92
Gnu Classpath 0.12
Gnu Classpath 0.18
Gnu Classpath 0.11
Gnu Classpath 0.6
Gnu Classpath 0.97
Gnu Classpath 0.93
Gnu Classpath 0.7
Gnu Classpath 0.95
Gnu Classpath 0.96
Gnu Classpath 0.91
Gnu Classpath 0.19
Gnu Classpath 0.13
2 EDB exploits
187
VMScore
CVE-2004-1453
GNU glibc 2.3.4 prior to 2.3.4.20040619, 2.3.3 prior to 2.3.3.20040420, and 2.3.2 prior to 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program.
Gnu Glibc 2.2.2
Gnu Glibc 2.1.2
Gnu Glibc 2.0.5
Gnu Glibc 2.2.5
Gnu Glibc 2.0.6
Gnu Glibc 2.1.1
Gnu Glibc 2.0.3
Gnu Glibc 2.3.1
Gnu Glibc 2.3
Gnu Glibc 2.0
Gnu Glibc 2.1.1.6
Gnu Glibc 2.1
Gnu Glibc 2.3.4
Gnu Glibc 2.1.9
Gnu Glibc 2.3.3
Gnu Glibc 2.0.1
Gnu Glibc 2.0.4
Gnu Glibc 2.0.2
Gnu Glibc 2.2.1
Gnu Glibc 2.3.2
Gnu Glibc 2.1.3.10
Gnu Glibc 2.2.3
755
VMScore
CVE-2012-4412
Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and previous versions allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overf...
Gnu Glibc 2.1.2
Gnu Glibc 2.11
Gnu Glibc 2.0.5
Gnu Glibc 2.0.6
Gnu Glibc 2.10.1
Gnu Glibc 2.1.1
Gnu Glibc 2.14
Gnu Glibc 2.0.3
Gnu Glibc 2.0
Gnu Glibc 2.13
Gnu Glibc 2.1.1.6
Gnu Glibc 2.1
Gnu Glibc 2.1.9
Gnu Glibc 2.12.1
Gnu Glibc 2.0.1
Gnu Glibc 2.14.1
Gnu Glibc 2.11.2
Gnu Glibc 2.0.4
Gnu Glibc 2.0.2
Gnu Glibc 2.16
Gnu Glibc
Gnu Glibc 2.11.3
1 EDB exploit
187
VMScore
CVE-2004-1382
The glibcbug script in glibc 2.3.4 and previous versions allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968.
Gnu Glibc 2.2.2
Gnu Glibc 2.1.2
Gnu Glibc 2.0.5
Gnu Glibc 2.2.5
Gnu Glibc 2.0.6
Gnu Glibc 2.1.1
Gnu Glibc 2.0.3
Gnu Glibc 2.3.1
Gnu Glibc 2.3
Gnu Glibc 2.0
Gnu Glibc 2.1.1.6
Gnu Glibc 2.3.10
Gnu Glibc 2.1
Gnu Glibc 2.3.4
Gnu Glibc 2.1.9
Gnu Glibc 2.3.3
Gnu Glibc 2.0.1
Gnu Glibc 2.0.4
Gnu Glibc 2.0.2
Gnu Glibc 2.2.1
Gnu Glibc 2.3.2
Gnu Glibc 2.1.3.10
455
VMScore
CVE-2012-4424
Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and previous versions allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a long string that triggers a malloc failure...
Gnu Glibc 2.1.2
Gnu Glibc 2.11
Gnu Glibc 2.0.5
Gnu Glibc 2.0.6
Gnu Glibc 2.10.1
Gnu Glibc 2.1.1
Gnu Glibc 2.14
Gnu Glibc 2.0.3
Gnu Glibc 2.0
Gnu Glibc 2.13
Gnu Glibc 2.1.1.6
Gnu Glibc 2.1
Gnu Glibc 2.1.9
Gnu Glibc 2.12.1
Gnu Glibc 2.0.1
Gnu Glibc 2.14.1
Gnu Glibc 2.11.2
Gnu Glibc 2.0.4
Gnu Glibc 2.0.2
Gnu Glibc 2.16
Gnu Glibc
Gnu Glibc 2.11.3
446
VMScore
CVE-2016-6321
Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 up to and including 1.29 might allow remote malicious users to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name pa...
Gnu Tar 1.26
Gnu Tar 1.27.1
Gnu Tar 1.23
Gnu Tar 1.29
Gnu Tar 1.25
Gnu Tar 1.22
Gnu Tar 1.18
Gnu Tar 1.19
Gnu Tar 1.20
Gnu Tar 1.17
Gnu Tar 1.27
Gnu Tar 1.15.90
Gnu Tar 1.16
Gnu Tar 1.28
Gnu Tar 1.14
Gnu Tar 1.24
Gnu Tar 1.15.91
Gnu Tar 1.15
Gnu Tar 1.15.1
Gnu Tar 1.21
Gnu Tar 1.16.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »