Total
7 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-3697 | 2 Gnu, Opensuse | 2 Gnump3d, Leap | 2021-09-14 | 7.2 HIGH | 7.8 HIGH |
UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap 15.1 allows local attackers to escalate from user gnump3d to root. This issue affects: openSUSE Leap 15.1 gnump3d version 3.0-lp151.2.1 and prior versions. | |||||
CVE-2005-3349 | 1 Gnu | 1 Gnump3d | 2011-10-17 | 1.9 LOW | N/A |
GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file. | |||||
CVE-2005-3355 | 1 Gnu | 1 Gnump3d | 2011-10-17 | 6.4 MEDIUM | N/A |
Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values". | |||||
CVE-2007-6130 | 1 Gnu | 1 Gnump3d | 2011-03-07 | 5.0 MEDIUM | N/A |
gnump3d 2.9final does not apply password protection to its plugins, which might allow remote attackers to bypass intended access restrictions. | |||||
CVE-2005-3424 | 1 Gnu | 1 Gnump3d | 2011-03-07 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425. | |||||
CVE-2005-3123 | 1 Gnu | 1 Gnump3d | 2011-03-07 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed. | |||||
CVE-2005-3425 | 1 Gnu | 1 Gnump3d | 2008-09-05 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2005-3424. |