Gnump3d Security Vulnerabilities and Issues — Gnump3d CVE List

Lucene search

GnuGnump3d

7 matches found

CVE•added 2005/11/18 10:3 p.m.•64 views

CVE-2005-3355

Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values".

6.4CVSS6.3AI score0.00678EPSS

CVE•added 2005/10/30 8:2 p.m.•53 views

CVE-2005-3123

Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed.

5CVSS6.4AI score0.01258EPSS

CVE•added 2005/11/01 10:2 p.m.•52 views

CVE-2005-3425

Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2005-3424.

4.3CVSS5.5AI score0.00804EPSS

CVE•added 2005/11/01 10:2 p.m.•50 views

CVE-2005-3424

Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425.

4.3CVSS5.5AI score0.00804EPSS

CVE•added 2005/11/18 10:3 p.m.•46 views

CVE-2005-3349

GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file.

1.9CVSS5.9AI score0.00045EPSS

CVE•added 2007/11/26 10:46 p.m.•42 views

CVE-2007-6130

gnump3d 2.9final does not apply password protection to its plugins, which might allow remote attackers to bypass intended access restrictions.

5CVSS6.9AI score0.00349EPSS

CVE•added 2020/01/24 12:15 p.m.•37 views

CVE-2019-3697

UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap 15.1 allows local attackers to escalate from user gnump3d to root. This issue affects: openSUSE Leap 15.1 gnump3d version 3.0-lp151.2.1 and prior versions.

7.8CVSS7.6AI score0.00129EPSS