Vulnerabilities (CVE)

Filtered by vendor Gnu Subscribe
Filtered by product Gnats
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-2808 2 Gnu, Yngve Svendsen 2 Gnats, Gnatsweb 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in gnatsweb.pl in Gnatsweb 4.00 and Gnats 4.1.99 allows remote attackers to inject arbitrary web script or HTML via the database parameter.
CVE-2005-2180 1 Gnu 1 Gnats 2024-11-20 2.1 LOW N/A
gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when installed setuid, does not properly check files passed to the -o argument and opens the file with write access, which allows local users to overwrite arbitrary files.
CVE-2004-0623 1 Gnu 1 Gnats 2024-11-20 10.0 HIGH N/A
Format string vulnerability in misc.c in GNU GNATS 4.00 may allow remote attackers to execute arbitrary code via format string specifiers in a string that gets logged by syslog.