73 matches found
EUVD-2005-0458
Malware in sbrugna...
GLSA-202509-05 : Plex Media Server: Incorrect resource transfer
The remote host is affected by the vulnerability described in GLSA-202509-05 Plex Media Server: Incorrect resource transfer A vulnerability has been discovered in glibc. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly...
GLSA-202507-06 : openh264: Heap Overflow
The remote host is affected by the vulnerability described in GLSA-202507-06 openh264: Heap Overflow A vulnerability has been discovered in openh264. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from the Gentoo Linu...
GLSA-202507-05 : NTP: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202507-05 NTP: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in NTP. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from the...
CVE-2020-36657
uptimed before 0.4.6-r1 on Gentoo allows local users with access to the uptimed user account to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R call...
GLSA-202505-08 : Spidermonkey: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202505-08 Spidermonkey: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Spidermonkey. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block...
GLSA-202505-05 : Orc: Arbitrary Code Execution
The remote host is affected by the vulnerability described in GLSA-202505-05 Orc: Arbitrary Code Execution Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the Gentoo Linux security advisory. Note that Nessus has no...
GLSA-202501-07 : libgsf: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202501-07 libgsf: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in libgsf. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly fro...
GLSA-202412-20 : NVIDIA Drivers: Privilege Escalation
The remote host is affected by the vulnerability described in GLSA-202412-20 NVIDIA Drivers: Privilege Escalation A vulnerability has been discovered in NVIDIA Drivers. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly...
GLSA-202412-10 : Dnsmasq: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202412-10 Dnsmasq: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Dnsmasq. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly...
GLSA-202408-03 : libXpm: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202408-03 libXpm: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in libXpm. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly fro...
CVE-2018-25078
man-db before 2.8.5 on Gentoo allows local users with access to the man user account to gain root privileges because /usr/bin/mandb is executed by root but not owned by root. Also, the owner can strip the setuid and setgid bits...
GLSA-202101-36 : ImageMagick: Command injection
The remote host is affected by the vulnerability described in GLSA-202101-36 ImageMagick: Command injection A flaw in ImageMagick's handling of password protected PDFs was discovered. Impact : A remote attacker could entice a user to open a specially crafted PDF using ImageMagick possibly resultin...
GLSA-201709-20 : Postfix: Privilege escalation
The remote host is affected by the vulnerability described in GLSA-201709-20 Postfix: Privilege escalation By default, Berkeley DB reads a DBCONFIG configuration file from the current working directory. This is an undocumented behavior. Impact : A local attacker, by using a specially crafted...
evilvte: User-assisted execution of arbitrary code
Background VTE based, highly customizable terminal emulator Description Steve Kemp of Debian identified a flaw in evilvte which does not properly validate hypertext links. Please review the Debian bug report referenced below. Impact Remote attackers could execute arbitrary code by enticing a user...
IcedTea: Multiple vulnerabilities
Background IcedTea’s aim is to provide OpenJDK in a form suitable for easy configuration, compilation and distribution with the primary goal of allowing inclusion in GNU/Linux distributions. Description Various OpenJDK attack vectors in IcedTea, such as 2D, Corba, Hotspot, Libraries, and JAXP,...
Gentoo Security Advisory GLSA 201511-02
Gentoo Linux Local Security Checks GLSA 201511-02 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Gentoo Security Advisory GLSA 201406-32
Gentoo Linux Local Security Checks GLSA 201406-32 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Gentoo Security Advisory GLSA 201309-19
Gentoo Linux Local Security Checks GLSA 201309-19 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Linux Kernel 2.6 - UDEV Local Privilege Escalation Exploit
No description provided by source. !/bin/sh Linux 2.6 bug found by Sebastian Krahmer lame sploit using LD technique by kcope in 2009 tested on debian-etch,ubuntu,gentoo do a 'cat /proc/net/netlink' and set the first arg to this script to the pid of the netlink socket the pid is udevdpid - 1 most ...