
142 matches found

RedhatCVE
added 2026/01/09 10:8 a.m. | 5 views

CVE-2019-20384

Gentoo Portage through 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64/nagios/plugins directory by leveraging access to the nagios user account, because this directory is writable in between a call to emake and a call to fowners...

CVSS 5.5 | AI score 6.6 | EPSS 0.0009
Exploits: 1 | References: 1

EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2005-4438

Malware in sbrugna...

CVSS 7.2 | AI score 6.2 | EPSS 0.00058
Exploits: 0 | References: 4

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2005-3579

Malware in sbrugna...

CVSS 7.2 | AI score 6.3 | EPSS 0.00055
Exploits: 0 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2008-4375

Malware in sbrugna...

CVSS 6.9 | AI score 6.1 | EPSS 0.00057
Exploits: 1 | References: 5

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2004-1105

Malware in sbrugna...

CVSS 2.1 | AI score 6.4 | EPSS 0.00072
Exploits: 0 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2005-4275

Malware in sbrugna...

CVSS 7.2 | AI score 6.3 | EPSS 0.00169
Exploits: 0 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 21 views

EUVD-2014-0085

Malware in sbrugna...

CVSS 9.3 | AI score 6.2 | EPSS 0.0047
Exploits: 1 | References: 10

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2005-3580

Malware in sbrugna...

CVSS 7.2 | AI score 6.3 | EPSS 0.00055
Exploits: 0 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 0 views

EUVD-2005-3581

Malware in sbrugna...

CVSS 7.2 | AI score 6.2 | EPSS 0.00055
Exploits: 0 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2019-10936

Malware in sbrugna...

CVSS 5.5 | AI score 5.6 | EPSS 0.0009
Exploits: 1 | References: 3

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2024-0149

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 9 | EPSS 0.00039
Exploits: 0 | References: 8

Snyk
added 2025/10/02 6:40 a.m. | 0 views

Improper Verification of Cryptographic Signature

Overview: Portage is the package management and distribution system for Gentoo. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the checkfilesignaturegpgunwrapped function. Due to the lack of enforcing of the presence of VALIDSIG...

CVSS 8.6 | AI score 6.9
Exploits: 0 | References: 3

Snyk
added 2025/10/02 6:39 a.m. | 1 view

Command Injection

Overview: Portage is the package management and distribution system for Gentoo. Affected versions of this package are vulnerable to Command Injection due to evaluating untrusted timestamp fields in a Bash arithmetic context via command substitution. The bin/emerge-webrsync functions...

CVSS 9.3 | AI score 7.3
Exploits: 0 | References: 3

RedhatCVE
added 2025/05/22 11:40 a.m. | 4 views

CVE-2016-20021

In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable...

CVSS 9.8 | AI score 6.8 | EPSS 0.00039
Exploits: 0 | References: 1

Tenable Nessus
added 2024/09/22 12:0 a.m. | 8 views

GLSA-202409-01 : Portage: Unverified PGP Signatures

The remote host is affected by the vulnerability described in GLSA-202409-01 (Portage: Unverified PGP Signatures). Multiple vulnerabilities have been discovered in Portage. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly...

CVSS 9.8 | AI score 8.3 | EPSS 0.00039
Exploits: 0 | References: 3

Gentoo Linux
added 2024/09/22 12:0 a.m. | 12 views

Portage: Unverified PGP Signatures

Background: Portage is the default Gentoo package management system. Description: Multiple vulnerabilities have been discovered in Portage. Please review the CVE identifiers referenced below for details. Impact: When using the webrsync mechanism to sync the tree, the PGP signatures that protect the...

CVSS 9.8 | AI score 7.3 | EPSS 0.00039
Exploits: 0

Veracode
added 2024/09/03 5:6 a.m. | 4 views

Man-in-the-middle (MitM) Attack

Gentoo Portage is vulnerable to a Man-in-the-Middle (MitM) attack. The vulnerability exists due to the failure of emerge-webrsync to perform PGP signature verification on downloaded .gpgsig files, allowing an attacker to inject malicious code during the file download process...

CVSS 9.8 | AI score 9.4 | EPSS 0.00039
Exploits: 0 | References: 6 | Affected Software: 1

OSV
added 2024/01/12 3:30 a.m. | 4 views

GHSA-PW5X-X5JW-CCMH Gentoo Portage missing PGP validation of executed code

In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification...

CVSS 9.8 | AI score 9.5 | EPSS 0.00039
Exploits: 0 | References: 8

GitHub Security Blog
added 2024/01/12 3:30 a.m. | 14 views

Gentoo Portage missing PGP validation of executed code

In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification...

CVSS 9.8 | AI score 6.8 | EPSS 0.00039
Exploits: 0 | References: 8 | Affected Software: 1

NVD
added 2024/01/12 3:15 a.m. | 10 views

CVE-2016-20021

In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable...

CVSS 9.8 | AI score 9.5 | EPSS 0.00039
Exploits: 0 | References: 3