Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-5029
Integer overflow in the __tzfile_read function in glibc prior to 2.15 allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.
Gnu Glibc 2.1.2
Gnu Glibc 2.0.5
Gnu Glibc 2.0.6
Gnu Glibc 2.1.1
Gnu Glibc 2.0.3
Gnu Glibc 2.0
Gnu Glibc 2.13
Gnu Glibc 2.1.1.6
Gnu Glibc 2.1
Gnu Glibc 2.1.9
Gnu Glibc 2.0.1
Gnu Glibc 2.0.4
Gnu Glibc 2.0.2
Gnu Glibc 2.1.3
Gnu Glibc
1 EDB exploit
NA
CVE-2010-3089
Multiple cross-site scripting (XSS) vulnerabilities in GNU Mailman prior to 2.1.14rc1 allow remote authenticated users to inject arbitrary web script or HTML via vectors involving (1) the list information field or (2) the list description field.
Gnu Mailman 2.1.5
Gnu Mailman 2.1.11
Gnu Mailman 2.1.3
Gnu Mailman 2.1.8
Gnu Mailman 2.1.13
Gnu Mailman 2.1.2
Gnu Mailman 2.1.9
Gnu Mailman 2.1
Gnu Mailman 2.1.6
Gnu Mailman
Gnu Mailman 2.1.10
Gnu Mailman 2.1.1
Gnu Mailman 2.1.12
Gnu Mailman 2.1.7
Gnu Mailman 2.1.4
NA
CVE-2011-4609
The svc_run function in the RPC implementation in glibc prior to 2.15 allows remote malicious users to cause a denial of service (CPU consumption) via a large number of RPC connections.
Gnu Glibc 2.1.2
Gnu Glibc 2.0.5
Gnu Glibc 2.0.6
Gnu Glibc 2.1.1
Gnu Glibc 2.0.3
Gnu Glibc 2.0
Gnu Glibc 2.13
Gnu Glibc 2.1.1.6
Gnu Glibc 2.1
Gnu Glibc 2.1.9
Gnu Glibc 2.0.1
Gnu Glibc 2.0.4
Gnu Glibc 2.0.2
Gnu Glibc 2.1.3
Gnu Glibc
NA
CVE-2005-3424
Cross-site scripting (XSS) vulnerability in GNUMP3D prior to 2.9.5 allows remote malicious users to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425.
Gnu Gnump3d 2.9
Gnu Gnump3d 2.4
Gnu Gnump3d 2.5b
Gnu Gnump3d 2.9.2
Gnu Gnump3d 2.9.4
Gnu Gnump3d 2.3
Gnu Gnump3d 2.7
Gnu Gnump3d 2.9.3
Gnu Gnump3d 2.2
Gnu Gnump3d 2.1
Gnu Gnump3d 2.0
Gnu Gnump3d 2.5
Gnu Gnump3d 2.8
Gnu Gnump3d 2.6
Gnu Gnump3d 2.9.1
NA
CVE-2009-3736
ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 prior to 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.
Gnu Libtool 1.5.2
Gnu Libtool 1.5.24
Gnu Libtool 1.5
Gnu Libtool 1.5.8
Gnu Libtool 1.5.22
Gnu Libtool 1.5.6
Gnu Libtool 1.5.26
Gnu Libtool 1.5.18
Gnu Libtool 1.5.12
Gnu Libtool 2.2.6a
Gnu Libtool 1.5.16
Gnu Libtool 1.5.10
Gnu Libtool 1.5.4
Gnu Libtool 1.5.20
Gnu Libtool 1.5.14
NA
CVE-2007-4131
Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote malicious users to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.
Gnu Tar 1.13
Gnu Tar 1.13.5
Gnu Tar 1.13.11
Gnu Tar 1.13.14
Gnu Tar 1.13.16
Gnu Tar 1.13.17
Gnu Tar 1.13.18
Gnu Tar 1.13.19
Gnu Tar 1.13.25
Gnu Tar 1.14
Gnu Tar 1.14.90
Gnu Tar 1.15
Gnu Tar 1.15.1
Gnu Tar 1.15.90
Gnu Tar 1.15.91
Gnu Tar 1.16
NA
CVE-2005-3425
Cross-site scripting (XSS) vulnerability in GNUMP3D prior to 2.9.6 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2005-3424.
Gnu Gnump3d 2.9
Gnu Gnump3d 2.4
Gnu Gnump3d 2.9.5
Gnu Gnump3d 2.5b
Gnu Gnump3d 2.9.2
Gnu Gnump3d 2.9.4
Gnu Gnump3d 2.3
Gnu Gnump3d 2.7
Gnu Gnump3d 2.9.3
Gnu Gnump3d 2.2
Gnu Gnump3d 2.1
Gnu Gnump3d 2.0
Gnu Gnump3d 2.5
Gnu Gnump3d 2.8
Gnu Gnump3d 2.6
Gnu Gnump3d 2.9.1
NA
CVE-2005-2960
cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137.
Gnu Cfengine 2.0.7
Gnu Cfengine 2.0.8
Gnu Cfengine 2.0.5
Gnu Cfengine 1.5
Gnu Cfengine 2.1.16
Gnu Cfengine 2.1.0
Gnu Cfengine 2.1.8
Gnu Cfengine 1.6
Gnu Cfengine 2.1.9
Gnu Cfengine 2.0.0
Gnu Cfengine 1.5.3-4
Gnu Cfengine 2.0.2
Gnu Cfengine 2.0.1
Gnu Cfengine 2.0.6
Gnu Cfengine 1.6.5
Gnu Cfengine 2.0.4
Gnu Cfengine 2.1.7
Gnu Cfengine 2.0.3
Debian Debian Linux 3.1
NA
CVE-2012-0035
Untrusted search path vulnerability in EDE in CEDET prior to 1.0.1, as used in GNU Emacs prior to 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory, of an opened file.
Gnu Emacs 22.1
Eric M Ludlam Cedet 1.0
Gnu Emacs 21.1
Gnu Emacs 21.3
Gnu Emacs 20.1
Gnu Emacs 20.5
Gnu Emacs
Gnu Emacs 20.4
Gnu Emacs 20.7
Gnu Emacs 20.6
Gnu Emacs 21.2
Gnu Emacs 23.1
Gnu Emacs 20.2
Gnu Emacs 21.3.1
Gnu Emacs 22.3
Gnu Emacs 23.4
Gnu Emacs 21
Gnu Emacs 20.3
Gnu Emacs 21.4
Gnu Emacs 21.2.1
Gnu Emacs 22.2
Eric M Ludlam Cedet
NA
CVE-2003-0991
Unknown vulnerability in the mail command handler in Mailman prior to 2.0.14 allows remote malicious users to cause a denial of service (crash) via malformed e-mail commands.
Gnu Mailman 2.0.5
Gnu Mailman 2.0.1
Gnu Mailman 2.0.11
Gnu Mailman 2.0.6
Gnu Mailman 2.0
Gnu Mailman 1.1
Gnu Mailman 2.0.12
Gnu Mailman 2.0.9
Gnu Mailman 2.0.3
Gnu Mailman 2.0.13
Gnu Mailman 2.0.4
Gnu Mailman 2.1
Sgi Propack 2.3
Gnu Mailman 1.0
Gnu Mailman 2.0.8
Gnu Mailman 2.0.10
Gnu Mailman 2.0.2
Gnu Mailman 2.0.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »