Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-1999-0492
The ffingerd 1.19 allows remote malicious users to identify users on the target system based on its responses.
1 EDB exploit
9.3
CVSSv2
CVE-2018-20969
do_ed_script in pch.c in GNU patch up to and including 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.
Gnu Patch
1 Github repository
9.3
CVSSv2
CVE-2019-13638
GNU patch up to and including 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is diff...
Gnu Patch 2.7.6
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Github repository
9.3
CVSSv2
CVE-2015-1418
The do_ed_script function in pch.c in GNU patch up to and including 2.7.6, and patch in FreeBSD 10.1 prior to 10.1-RELEASE-p17, 10.2 prior to 10.2-BETA2-p3, 10.2-RC1 prior to 10.2-RC1-p2, and 0.2-RC2 prior to 10.2-RC2-p1, allows remote malicious users to execute arbitrary command...
Freebsd Freebsd 10.1
Freebsd Freebsd 10.2
9.3
CVSSv2
CVE-2015-1416
Larry Wall's patch; patch in FreeBSD 10.2-RC1 prior to 10.2-RC1-p1, 10.2 prior to 10.2-BETA2-p2, and 10.1 prior to 10.1-RELEASE-p16; Bitrig; GNU patch prior to 2.2.5; and possibly other patch variants allow remote malicious users to execute arbitrary shell commands via a cra...
Freebsd Freebsd 10.1
Freebsd Freebsd 10.0
Freebsd Freebsd 10.2
9.3
CVSSv2
CVE-2012-0035
Untrusted search path vulnerability in EDE in CEDET prior to 1.0.1, as used in GNU Emacs prior to 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory, of an opened file.
Eric M Ludlam Cedet 1.0
Gnu Emacs 20.1
Gnu Emacs 20.2
Gnu Emacs 21.3
Gnu Emacs 22.1
Gnu Emacs 23.1
Gnu Emacs 23.2
Gnu Emacs 20.0
Gnu Emacs 21
Gnu Emacs 21.2.1
Gnu Emacs 22.2
Gnu Emacs 22.3
Eric M Ludlam Cedet
Gnu Emacs 20.5
Gnu Emacs 20.6
Gnu Emacs 21.3.1
Gnu Emacs 21.4
Gnu Emacs 20.3
Gnu Emacs 20.4
Gnu Emacs 20.7
Gnu Emacs 21.1
Gnu Emacs 21.2
9.3
CVSSv2
CVE-2010-4541
Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assisted remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a long "Nu...
Gimp Gimp 2.6.11
9.3
CVSSv2
CVE-2009-3232
pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian GNU/Linux, does not properly handle an "empty selection" for system authentication modules in certain rare configurations, which causes any attempt to be successful and allows remote malicious users to ...
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
9.3
CVSSv2
CVE-2009-2946
Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote malicious users to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages.
Devscripts Devel Team Devscripts
9.3
CVSSv2
CVE-2009-1492
The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and previous versions allows remote malicious users to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that contains an annotation, and has an Open...
Adobe Acrobat
Adobe Acrobat Reader
1 EDB exploit
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »