Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2002-0391
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote malicious users to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services suc...
Openbsd Openbsd 3.1
Sun Sunos 5.7
Sun Sunos 5.8
Sun Sunos 5.5.1
Sun Solaris 2.6
Sun Solaris 9.0
Freebsd Freebsd
Microsoft Windows Nt 4.0
Microsoft Windows Xp -
Microsoft Windows 2000 -
890
VMScore
CVE-2001-0961
Buffer overflow in tab expansion capability of the most program allows local or remote malicious users to execute arbitrary code via a malformed file that is viewed with most.
John E. Davis Most 4.5
John E. Davis Most 4.6
John E. Davis Most 4.7
John E. Davis Most 4.9.0
John E. Davis Most 4.9.1
John E. Davis Most 4.4
John E. Davis Most 4.41
890
VMScore
CVE-2000-0947
Format string vulnerability in cfd daemon in GNU CFEngine prior to 1.6.0a11 allows malicious users to execute arbitrary commands via format characters in the CAUTH command.
Gnu Cfengine 1.5
Gnu Cfengine 1.5.3-4
Gnu Cfengine 1.6
890
VMScore
CVE-2000-0803
GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff.
Gnu Groff
828
VMScore
CVE-2018-20969
do_ed_script in pch.c in GNU patch up to and including 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.
Gnu Patch
1 Github repository
828
VMScore
CVE-2019-13638
GNU patch up to and including 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is diff...
Gnu Patch 2.7.6
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Github repository
828
VMScore
CVE-2015-1416
Larry Wall's patch; patch in FreeBSD 10.2-RC1 prior to 10.2-RC1-p1, 10.2 prior to 10.2-BETA2-p2, and 10.1 prior to 10.1-RELEASE-p16; Bitrig; GNU patch prior to 2.2.5; and possibly other patch variants allow remote malicious users to execute arbitrary shell commands via a cra...
Freebsd Freebsd 10.1
Freebsd Freebsd 10.0
Freebsd Freebsd 10.2
828
VMScore
CVE-2015-1418
The do_ed_script function in pch.c in GNU patch up to and including 2.7.6, and patch in FreeBSD 10.1 prior to 10.1-RELEASE-p17, 10.2 prior to 10.2-BETA2-p3, 10.2-RC1 prior to 10.2-RC1-p2, and 0.2-RC2 prior to 10.2-RC2-p1, allows remote malicious users to execute arbitrary command...
Freebsd Freebsd 10.1
Freebsd Freebsd 10.2
828
VMScore
CVE-2012-0035
Untrusted search path vulnerability in EDE in CEDET prior to 1.0.1, as used in GNU Emacs prior to 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory, of an opened file.
Eric M Ludlam Cedet 1.0
Gnu Emacs 20.1
Gnu Emacs 20.2
Gnu Emacs 21.3
Gnu Emacs 22.1
Gnu Emacs 23.1
Gnu Emacs 23.2
Gnu Emacs 20.0
Gnu Emacs 21
Gnu Emacs 21.2.1
Gnu Emacs 22.2
Gnu Emacs 22.3
Eric M Ludlam Cedet
Gnu Emacs 20.5
Gnu Emacs 20.6
Gnu Emacs 21.3.1
Gnu Emacs 21.4
Gnu Emacs 20.3
Gnu Emacs 20.4
Gnu Emacs 20.7
Gnu Emacs 21.1
Gnu Emacs 21.2
828
VMScore
CVE-2010-4541
Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assisted remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a long "Nu...
Gimp Gimp 2.6.11
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »