CVE-2008-5367

ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file...

CVE-2005-3254

The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian...

CVE-2004-1342

CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch, allows remote attackers to bypass authentication via the pserver access method...

CVE-1999-0202

The GNU tar command, when used in FTP sessions, may allow an attacker to execute arbitrary commands...

CVE-2025-5001

A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. It has been declared as problematic. This vulnerability affects the function calloc of the file pspp-convert.c. The manipulation of the argument -l leads to integer overflow. Local access is required to approach this...

CVE-2025-5001

A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. It has been declared as problematic. This vulnerability affects the function calloc of the file pspp-convert.c. The manipulation of the argument -l leads to integer overflow. Local access is required to approach this...

UBUNTU-CVE-2025-5001

A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. It has been declared as problematic. This vulnerability affects the function calloc of the file pspp-convert.c. The manipulation of the argument -l leads to integer overflow. Local access is required to approach this...

CVE-2025-5001 GNU PSPP pspp-convert.c calloc integer overflow

A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. It has been declared as problematic. This vulnerability affects the function calloc of the file pspp-convert.c. The manipulation of the argument -l leads to integer overflow. Local access is required to approach this...

CVE-2025-5001 GNU PSPP pspp-convert.c calloc integer overflow

A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. It has been declared as problematic. This vulnerability affects the function calloc of the file pspp-convert.c. The manipulation of the argument -l leads to integer overflow. Local access is required to approach this...

CVE-2025-5001

CVE-2025-5001 affects GNU PSPP (pspp-convert.c: calloc). Root cause: manipulation of the -l argument leads to an integer overflow in calloc. Impact: potential local impact, with availability degraded; confidentiality/integrity not affected per sources. Exploit has been disclosed publicly. Affecte...

CVE-2025-5001

A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. It has been declared as problematic. This vulnerability affects the function calloc of the file pspp-convert.c. The manipulation of the argument -l leads to integer overflow. Local access is required to approach this...

SUSE CVE-2025-4802

Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen including internal dlopen calls after setlocale or calls to NSS functions...

GNU PSPP Buffer Overflow Vulnerability

GNU PSPP is an application for data sampling, statistics and analysis from the American GNU community. GNU PSPP suffers from a buffer overflow vulnerability that stems from inflateread failing to properly validate the length and size of input data, which can be exploited by an attacker to cause a...

GNU GRUB Access Control Error Vulnerability

GNU GRUB is a Linux system boot program from the GNU community. An Access Control Error vulnerability exists in GNU GRUB, which stems from GRUB not clearing the key in memory during automatic TPM decryption, and can be exploited by an attacker to obtain unencrypted data...

PT-2025-22311 · Gnu +1 · Gnu Pspp +1

Name of the Vulnerable Software and Affected Versions: GNU PSPP version 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb Description: A vulnerability was found in GNU PSPP, affecting the calloc function in the pspp-convert.c file. The manipulation of the argument -l leads to integer overflow. Local acces...

PT-2025-23038

Name of the Vulnerable Software and Affected Versions GNU Coreutils affected versions not specified Description A flaw was found in the sort utility's begfield function, which is vulnerable to a heap buffer under-read. This issue may cause the program to access memory outside the allocated buffer...

CVE-2025-4802

A flaw was found in the glibc library. A statically linked setuid binary that calls dlopen, including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo, may incorrectly search LDLIBRARYPATH to determine which library to load, allowing a local attacker to load...

CVE-2025-48188

A flaw was found in GNU PSPP's libpspp-core.a component. This vulnerability can allow a heap-based buffer over-read via a crafted encrypted file when the rijndaelDecrypt function is incorrectly called by fillbuffer in encrypted-file.c. This can lead to memory disclosure or an application crash...

CVE-2025-48188

libpspp-core.a in GNU PSPP through 2.0.1 has an incorrect call from fillbuffer in data/encrypted-file.c to the Gnulib rijndaelDecrypt function, leading to a heap-based buffer over-read...

CVE-2025-48188

libpspp-core.a in GNU PSPP through 2.0.1 has an incorrect call from fillbuffer in data/encrypted-file.c to the Gnulib rijndaelDecrypt function, leading to a heap-based buffer over-read...