Vulnerabilities > GNU
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-01-21 | CVE-2004-1185 | Multiple vulnerability in GNU Enscript Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames. | 7.5 |
| 2005-01-21 | CVE-2004-1184 | Multiple vulnerability in GNU Enscript The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters. | 4.6 |
| 2005-01-10 | CVE-2004-1177 | Unspecified vulnerability in GNU Mailman Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page. network gnu | 4.3 |
| 2005-01-10 | CVE-2004-1170 | a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename. | 10.0 |
| 2004-12-31 | CVE-2004-2531 | Denial Of Service vulnerability in GNU Gnutls 1.0.16 X.509 Certificate Signature Verification in Gnu transport layer security library (GnuTLS) 1.0.16 allows remote attackers to cause a denial of service (CPU consumption) via certificates containing long chains and signed with large RSA keys. | 7.8 |
| 2004-12-31 | CVE-2004-2461 | Remote POP3 Protocol vulnerability in gnubiff Buffer overflow in pop3.c in gnubiff before 2.0.0 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code. | 7.5 |
| 2004-12-31 | CVE-2004-2460 | Remote POP3 Protocol vulnerability in gnubiff Unknown vulnerability in POP3 in gnubiff before 2.0.0 allows remote attackers to cause a denial of service (application crash) via an "infinite" Unique IDentification Listing (UIDL) list. | 5.0 |
| 2004-12-31 | CVE-2004-2459 | Local Security vulnerability in gnubiff Unknown vulnerability in gnubiff 1.2.0 and earlier allows local users to obtain passwords, related to the password table. | 2.1 |
| 2004-12-31 | CVE-2004-2014 | Unspecified vulnerability in GNU Wget Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via a symlink attack on the name of the file being downloaded. | 2.6 |
| 2004-12-31 | CVE-2004-1773 | Buffer Overflow vulnerability in GNU Sharutils 4.2/4.2.1 Multiple buffer overflows in sharutils 4.2.1 and earlier may allow attackers to execute arbitrary code via (1) long output from wc to shar, or (2) unknown vectors in unshar. | 7.5 |