GNU : Security Vulnerabilities, CVEs, Published In 2000 CVSS score >= 5
The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer overflows, which may leave applications vulnerable to vulnerabilities related to overflows.
Max CVSS
7.5
EPSS Score
0.21%
Published
2000-11-01
Updated
2008-09-05
GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection.
Max CVSS
7.5
EPSS Score
1.25%
Published
2000-12-19
Updated
2018-05-03
Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-12-19
Updated
2023-03-03
Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command.
Max CVSS
10.0
EPSS Score
0.30%
Published
2000-12-19
Updated
2017-10-10
Mailman 1.1 allows list administrators to execute arbitrary commands via shell metacharacters in the %(listname) macro expansion.
Max CVSS
7.2
EPSS Score
0.11%
Published
2000-11-14
Updated
2017-10-10
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-11-14
Updated
2017-10-10
GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff.
Max CVSS
10.0
EPSS Score
0.56%
Published
2000-12-19
Updated
2021-05-10
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results.
Max CVSS
7.5
EPSS Score
1.06%
Published
2000-05-03
Updated
2008-09-10
GNU make follows symlinks when it reads a Makefile from stdin, which allows other local users to execute commands.
Max CVSS
6.2
EPSS Score
0.04%
Published
2000-02-01
Updated
2008-09-10
9 vulnerabilities found