NVD - Results

Sort results by:

Search Results (Refine Search)

Search Parameters:

Results Type: Overview
Keyword (text search): cpe:2.3:a:gnu:gnump3d:2.9:*:*:*:*:*:*:*
CPE Name Search: true

There are 6 matching records.

Displaying matches 1 through 6.

Vuln ID	Summary	CVSS Severity
CVE-2019-3697	UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap 15.1 allows local attackers to escalate from user gnump3d to root. This issue affects: openSUSE Leap 15.1 gnump3d version 3.0-lp151.2.1 and prior versions. Published: January 24, 2020; 7:15:11 AM -0500	V3.1: 7.8 HIGH V2.0: 7.2 HIGH
CVE-2005-3349	GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file. Published: November 18, 2005; 5:03:00 PM -0500	V3.x:(not available) V2.0: 1.9 LOW
CVE-2005-3355	Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values". Published: November 18, 2005; 5:03:00 PM -0500	V3.x:(not available) V2.0: 6.4 MEDIUM
CVE-2005-3424	Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425. Published: November 01, 2005; 5:02:00 PM -0500	V3.x:(not available) V2.0: 4.3 MEDIUM
CVE-2005-3425	Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2005-3424. Published: November 01, 2005; 5:02:00 PM -0500	V3.x:(not available) V2.0: 4.3 MEDIUM
CVE-2005-3123	Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed. Published: October 30, 2005; 3:02:00 PM -0500	V3.x:(not available) V2.0: 5.0 MEDIUM