Gnump3d Security Vulnerabilities and Issues — Gnump3d CVE List

GnuGnump3d

7 matches found

CVE•added 2005/11/18 10:0 p.m.•73 views

CVE-2005-3355

The CVE-2005-3355 issue affects gnump3d, where the theme parameter in HTTP requests can be used for path traversal. Technical details across connected sources confirm this vulnerability in gnump3d prior to version 2.9.8, caused by inadequate validation of CGI input causing unauthorized file acces...

6.4CVSS6.3AI score0.02226EPSS

CVE•added 2005/10/30 8:0 p.m.•63 views

CVE-2005-3123

CVE-2005-3123 affects GNUMP3d (before 2.9.6). Multiple connected advisories describe a directory traversal flaw where crafted URLs allow reading arbitrary files the server’s user can access, due to incomplete path sanitization. Debian/DSA-877-1 and Gentoo GLSA-200511-05 cite remote exploitation; ...

5CVSS6.4AI score0.02982EPSS

CVE•added 2005/11/01 10:0 p.m.•62 views

CVE-2005-3425

CVE-2005-3425 is an XSS vulnerability in gnump3d prior to version 2.9.6 . Remote attackers could inject arbitrary web script or HTML via unspecified vectors, potentially compromising the victim’s browser. The CVE is discussed across multiple advisories (Debian/DSA-877-1, SUSE, Gentoo GLSA 200511-...

4.3CVSS5.5AI score0.01754EPSS

CVE•added 2005/11/01 10:0 p.m.•61 views

CVE-2005-3424

Summary of CVE-2005-3424 (GNUMP3d) : A cross-site scripting (XSS) vulnerability affecting GNUMP3d prior to 2.9.5 (some sources mention up to 2.9.6) enables remote attackers to inject arbitrary web script or HTML, via crafted 404 error pages. The issue is documented alongside CVE-2005-3425 (a sepa...

4.3CVSS5.5AI score0.01437EPSS

CVE•added 2005/11/18 10:0 p.m.•55 views

CVE-2005-3349

CVE-2005-3349 affects gnump3d prior to 2.9.8, where insecure temporary-file handling (index.lok) enables local attackers to create symlink attacks and overwrite or delete files. Multiple advisories assess this as a local, path/temporary-file vulnerability in gnump3d and note related issues (CVE-2...

1.9CVSS5.9AI score0.00365EPSS

CVE•added 2007/11/26 10:0 p.m.•51 views

CVE-2007-6130

The CVE-2007-6130 issue affects gnump3d 2.9final, where password protection is not applied to plugins, potentially allowing remote attackers to bypass intended access restrictions. The vulnerability concerns plugin-level access controls rather than core authentication, with the NVD and SUSE entri...

5CVSS6.9AI score0.01488EPSS

CVE•added 2020/01/24 12:10 p.m.•48 views

CVE-2019-3697

The provided documents describe CVE-2019-3697 as a local privilege escalation in openSUSE Leap 15.1, specifically affecting gnump3d packaging. The vulnerability arises from a UNIX symbolic link (symlink) following issue in the packaging process, enabling a local attacker operating as the gnump3d ...

7.8CVSS7.6AI score0.00518EPSS