The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.
Max CVSS
2.5
EPSS Score
0.05%
Published
2021-02-24
Updated
2022-11-04
The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service (out-of-bounds heap read and crash) via crafted input when using the -F option.
Max CVSS
2.1
EPSS Score
0.04%
Published
2015-02-12
Updated
2018-10-30
A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the password_pbkdf2 directive in the file.
Max CVSS
2.1
EPSS Score
0.04%
Published
2014-05-12
Updated
2024-01-16
pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system.
Max CVSS
2.6
EPSS Score
0.04%
Published
2013-10-09
Updated
2017-07-01
The /etc/profile.d/60alias.sh script in the Mandriva bash package for Bash 2.05b, 3.0, 3.2, 3.2.48, and 4.0 enables the --show-control-chars option in LS_OPTIONS, which allows local users to send escape sequences to terminal emulators, or hide the existence of a file, via a crafted filename.
Max CVSS
2.1
EPSS Score
0.05%
Published
2010-01-14
Updated
2011-08-08
Grub Legacy 0.97 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer before and after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.
Max CVSS
2.1
EPSS Score
0.04%
Published
2008-09-03
Updated
2018-10-11
CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to spoof messages in the error log and possibly trick the administrator into visiting malicious URLs via CRLF sequences in the URI.
Max CVSS
2.6
EPSS Score
1.65%
Published
2006-09-07
Updated
2018-10-17
Multiple unspecified vulnerabilities in the "utf8 combining characters handling" (utf8_handle_comb function in encoding.c) in screen before 4.0.3 allows user-assisted attackers to cause a denial of service (crash or hang) via certain UTF8 sequences.
Max CVSS
2.6
EPSS Score
3.97%
Published
2006-10-24
Updated
2011-03-08
fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQ_EXPR and NE_EXPR, which might introduce buffer overflow vulnerabilities into applications that could be exploited by context-dependent attackers.NOTE: the vendor states that the essence of the issue is "not correctly interpreting an offset to a pointer as a signed value."
Max CVSS
2.1
EPSS Score
0.06%
Published
2006-04-20
Updated
2018-10-18
Cross-site scripting (XSS) vulnerability in the private archive script (private.py) in GNU Mailman 2.1.7 allows remote attackers to inject arbitrary web script or HTML via the action argument.
Max CVSS
2.6
EPSS Score
0.31%
Published
2006-04-11
Updated
2011-03-08
The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2005-2960.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-10-05
Updated
2017-07-11
cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-10-05
Updated
2017-07-11
gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when installed setuid, does not properly check files passed to the -o argument and opens the file with write access, which allows local users to overwrite arbitrary files.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-07-11
Updated
2016-10-18
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/".
Max CVSS
2.6
EPSS Score
0.11%
Published
2005-12-31
Updated
2018-10-19
unshar (unshar.c) in sharutils 4.2.1 allows local users to overwrite arbitrary files via a symlink attack on the unsh.X temporary file.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-05-02
Updated
2018-10-03
Unknown vulnerability in gnubiff 1.2.0 and earlier allows local users to obtain passwords, related to the password table.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-12-31
Updated
2008-09-05
Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via a symlink attack on the name of the file being downloaded.
Max CVSS
2.6
EPSS Score
0.04%
Published
2004-12-31
Updated
2018-10-03
GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-12-31
Updated
2017-10-11
The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-12-31
Updated
2016-10-18
The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-12-27
Updated
2017-07-11
gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the permissions of files that are hard linked to the target files, which allows local users to view or modify these files.
Max CVSS
2.1
EPSS Score
0.09%
Published
2004-10-04
Updated
2023-03-24
The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-02-09
Updated
2017-07-11
The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-02-09
Updated
2017-07-11
The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-02-09
Updated
2017-10-11
The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions, as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-02-09
Updated
2017-07-11
35 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!