CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2002-0044
https://notcve.org/view.php?id=CVE-2002-0044
31 Jan 2002 — GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files. Enscript 1.5.1 y anteriores permiten a usaurios locales sobreescribir ficheros arbitrarios del usuario Enscript mediante un ataque de enlaces simbólicos (symlink attack) en ficheros temporales. • http://www.debian.org/security/2002/dsa-105 •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2001-0884
https://notcve.org/view.php?id=CVE-2001-0884
21 Dec 2001 — Cross-site scripting vulnerability in Mailman email archiver before 2.08 allows attackers to obtain sensitive information or authentication credentials via a malicious link that is accessed by other web users. Vulnerabilidad de secuencias de comandos en sitios cruzados en el archivador de correo electrónico Mailman permite a atacantes ganar información sensible o credenciales de autenticación mediante un enlace malicioso que es accedido por otros usuarios web. • http://www.redhat.com/support/errata/RHSA-2001-168.html •
CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 0CVE-2001-1228
https://notcve.org/view.php?id=CVE-2001-1228
18 Nov 2001 — Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-002.txt.asc •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2001-1132
https://notcve.org/view.php?id=CVE-2001-1132
05 Sep 2001 — Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000420 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 2CVE-2001-1036 – GNU findutils 4.0/4.1 - Locate Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2001-1036
31 Aug 2001 — GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory. • https://www.exploit-db.com/exploits/21043 •
CVSS: 7.8EPSS: 8%CPEs: 3EXPL: 1CVE-2001-0522 – GNU Privacy Guard 1.0.x - Format String
https://notcve.org/view.php?id=CVE-2001-0522
14 Aug 2001 — Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file. • https://www.exploit-db.com/exploits/20889 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2001-1301
https://notcve.org/view.php?id=CVE-2001-1301
07 Aug 2001 — rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file. • http://archives.neohapsis.com/archives/bugtraq/2001-08/0093.html •
CVSS: 9.8EPSS: 3%CPEs: 7EXPL: 2CVE-2001-1022 – GNU groff 1.1x - xploitation Via LPD
https://notcve.org/view.php?id=CVE-2001-1022
26 Jul 2001 — Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command. • https://www.exploit-db.com/exploits/21037 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2001-1267
https://notcve.org/view.php?id=CVE-2001-1267
12 Jul 2001 — Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot). • ftp://alpha.gnu.org/gnu/tar/tar-1.13.25.tar.gz •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0191
https://notcve.org/view.php?id=CVE-2001-0191
03 May 2001 — gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a short cookie length. • http://archives.neohapsis.com/archives/bugtraq/2001-02/0030.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •