Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2022/07/29 12:0 a.m.75 views

HashiCorp Vault: Multiple Vulnerabilities

Background HashiCorp Vault is a tool for managing secrets. Description Multiple vulnerabilities have been discovered in HashiCorp Vault. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

8.8CVSS1.7AI score0.01407EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/03/31 12:0 a.m.75 views

SQLite: Remote code execution

Background SQLite is a C library that implements an SQL database engine. Description It was discovered that SQLite incorrectly handled certain sub-queries. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, or cause a Denial of Service condition...

5.5CVSS4.1AI score0.00496EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/01/11 12:0 a.m.75 views

NodeJS: Multiple vulnerabilities

Background Node.js is a JavaScript runtime built on Chrome’s V8 JavaScript engine. Description Multiple vulnerabilities have been discovered in NodeJS. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There...

9.3CVSS8AI score0.54164EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2020/03/30 12:0 a.m.75 views

FFmpeg: Multiple vulnerabilities

Background FFmpeg is a complete, cross-platform solution to record, convert and stream audio and video. Description Multiple vulnerabilities have been discovered in FFmpeg. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user or automated...

9.8CVSS4.2AI score0.03032EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2018/11/28 12:0 a.m.75 views

OpenSSL: Multiple vulnerabilities

Background OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Description Multiple vulnerabilities have been discovered in OpenSSL. Please review the referenced CVE identifiers for details. Impact A remote...

6.5CVSS3.3AI score0.19295EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/09/17 12:0 a.m.75 views

Subversion: Arbitrary code execution

Background Subversion is a version control system intended to eventually replace CVS. Like CVS, it has an optional client-server architecture where the server can be an Apache server running modsvn, or an ssh program as in CVS’s :ext: method. In addition to supporting the features found in CVS,...

9.8CVSS10AI score0.18892EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2015/10/18 12:0 a.m.75 views

BIND: Denial of service

Background BIND Berkeley Internet Name Domain is a Name Server. Description A vulnerability has been discovered in BIND’s named utility leading to a Denial of Service condition. Impact A remote attacker may be able to cause Denial of Service condition via specially constructed zone data. Workarou...

7.8CVSS7.9AI score0.91284EPSS
Exploits12
Gentoo Linux
Gentoo Linux
added 2015/04/07 12:0 a.m.75 views

Mozilla Products: Multiple vulnerabilities

Background Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the ‘Mozilla...

10CVSS10AI score0.84424EPSS
Exploits64
Gentoo Linux
Gentoo Linux
added 2005/05/09 12:0 a.m.75 views

TCPDump: Decoding routines Denial of Service vulnerability

Background TCPDump is a tool for network monitoring and data acquisition. Description TCPDump improperly handles and decodes ISIS CAN-2005-1278, BGP CAN-2005-1267, CAN-2005-1279, LDP CAN-2005-1279 and RSVP CAN-2005-1280 packets. TCPDump might loop endlessly after receiving malformed packets. Impa...

5CVSS6.5AI score0.18721EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2022/01/31 12:0 a.m.74 views

Chromium, Google Chrome: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one, fast, simple, and secure browser for all your devices. Description Multiple vulnerabilities have been discovered in Chromium and...

9.6CVSS8.2AI score0.85352EPSS
Exploits75
Gentoo Linux
Gentoo Linux
added 2020/11/11 12:0 a.m.74 views

MariaDB: Remote code execution

Background MariaDB is an enhanced, drop-in replacement for MySQL. Description It was discovered that MariaDB did not properly validate the content of a packet received from a server. Impact A remote attacker could send a specially crafted packet to WSREP service, possibly resulting in execution o...

9CVSS5.1AI score0.05539EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/11/11 12:0 a.m.74 views

Chromium, Google Chrome: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Description Multiple vulnerabilities have been discovered in Chromium and...

9.6CVSS8.5AI score0.5063EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2017/10/23 12:0 a.m.74 views

Go: Multiple vulnerabilities

Background Go is an open source programming language that makes it easy to build simple, reliable, and efficient software. Description Multiple vulnerabilities have been discovered in Go. Please review the references below for details. Impact Remote attackers could execute arbitrary Go commands o...

9.8CVSS8.9AI score0.08944EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/08/17 12:0 a.m.74 views

BIND: Multiple vulnerabilities

Background BIND Berkeley Internet Name Domain is a Name Server. Description Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. Impact A remote attacker could send a specially crafted DNS request to the BIND resolver resulting in ...

7.8CVSS7.7AI score0.40556EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2017/07/09 12:0 a.m.74 views

libcroco: Multiple vulnerabilities

Background libcroco is a standalone CSS2 parsing and manipulation library. Description Multiple vulnerabilities have been discovered in libcroco. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted CSS file...

7.8CVSS4AI score0.02001EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2014/12/11 12:0 a.m.74 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

10CVSS7.7AI score0.20356EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2014/12/11 12:0 a.m.74 views

Multiple packages, Multiple vulnerabilities fixed in 2011

Background For more information on the packages listed in this GLSA, please see their homepage referenced in the ebuild. Description Vulnerabilities have been discovered in the packages listed below. Please review the CVE identifiers in the Reference section for details. FMOD Studio PEAR Mail LVM...

10CVSS9.6AI score0.61319EPSS
Exploits41
Gentoo Linux
Gentoo Linux
added 2014/10/04 12:0 a.m.74 views

Bash: Multiple vulnerabilities

Background Bash is the standard GNU Bourne Again SHell. Description Florian Weimer, Todd Sabin, Michal Zalewski et al. discovered further parsing flaws in Bash. The unaffected Gentoo packages listed in this GLSA contain the official patches to fix the issues tracked as CVE-2014-6277, CVE-2014-718...

10CVSS9.2AI score0.99621EPSS
Exploits39
Gentoo Linux
Gentoo Linux
added 2014/05/15 12:0 a.m.74 views

X.Org X Server: Multiple vulnerabilities

Background The X Window System is a graphical windowing system based on a client/server model. Description Multiple vulnerabilities have been discovered in X.Org X Server. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker could execute arbitrary...

6.8CVSS10AI score0.04077EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2012/02/21 12:0 a.m.74 views

Quagga: Multiple vulnerabilities

Background Quagga is a free routing daemon replacing Zebra supporting RIP, OSPF and BGP. Description Multiple vulnerabilities have been discovered in Quagga. Please review the CVE identifiers referenced below for details. Impact A BGP peer could send a Route-Refresh message with specially-crafted...

7.5CVSS10.6AI score0.13426EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2021/05/26 12:0 a.m.73 views

MariaDB: Multiple vulnerabilities

Background MariaDB is an enhanced, drop-in replacement for MySQL. Description Multiple vulnerabilities have been discovered in MariaDB. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

9CVSS7.3AI score0.38179EPSS
Exploits9
Gentoo Linux
Gentoo Linux
added 2021/05/26 12:0 a.m.73 views

OpenSMTPD: Multiple vulnerabilities

Background OpenSMTPD is a lightweight but featured SMTP daemon from OpenBSD. Description Multiple vulnerabilities have been discovered in OpenSMTPD. Please review the CVE identifiers referenced below for details. Impact A remote attacker, by connecting to the SMTP listener daemon, could possibly...

7.5CVSS2.4AI score0.03578EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/05/26 12:0 a.m.73 views

SpamAssassin: Arbitrary command execution

Background SpamAssassin is an extensible email filter used to identify junk email. Description It was discovered that SpamAssassin incorrectly handled certain CF files. Impact A remote attacker could entice a user or automated system to process a specially crafted CF file using SpamAssassin,...

10CVSS3.7AI score0.06132EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/01/26 12:0 a.m.73 views

Mutt: Denial of service

Background Mutt is a small but very powerful text-based mail client. Description A memory leak could occur when a crafted email message is received. Impact An attacker could cause a possible Denial of Service condition. Workaround There is no known workaround at this time. Resolution All Mutt use...

6.5CVSS4.1AI score0.02796EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/01/26 12:0 a.m.73 views

sudo: Multiple vulnerabilities

Background sudo su “do” allows a system administrator to delegate authority to give certain users or groups of users the ability to run some or all commands as root or another user while providing an audit trail of the commands and their arguments. Description Multiple vulnerabilities have been...

7.8CVSS8.3AI score0.99295EPSS
Exploits84
Gentoo Linux
Gentoo Linux
added 2020/07/26 12:0 a.m.73 views

WebKitGTK+: Multiple vulnerabilities

Background WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Description Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE...

10CVSS1.9AI score0.77246EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2020/06/13 12:0 a.m.73 views

Adobe Flash Player: Arbitrary code execution

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description An unspecified flaw has been discovered in Adobe Flash Player. Impact This flaw can be exploited by attackers for remote code execution. Workaround There is...

10CVSS3.8AI score0.0756EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/03/30 12:0 a.m.73 views

libxls: Multiple vulnerabilities

Background libxls is a C library for reading Excel files in the nasty old binary OLE format, plus a command-line tool for converting XLS to CSV. Description Multiple vulnerabilities have been discovered in libxls. Please review the CVE identifiers referenced below for details. Impact A remote...

8.8CVSS3.6AI score0.02097EPSS
Exploits7
Gentoo Linux
Gentoo Linux
added 2020/03/13 12:0 a.m.73 views

Ruby: Multiple vulnerabilities

Background Ruby is an interpreted object-oriented programming language. The elaborate standard library includes an HTTP server “WEBRick” and a class for XML parsing “REXML”. Description Multiple vulnerabilities have been discovered in Ruby. Please review the CVE identifiers referenced below for...

8.1CVSS8.4AI score0.05128EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2018/04/22 12:0 a.m.73 views

librelp: Remote code execution

Background A reliable logging program. Description A buffer overflow was discovered in librelp with the handling of x509 certificates. Impact A remote attacker, by sending a specially crafted x509 certificate, could execute arbitrary code. Workaround There is no known workaround at this time...

9.8CVSS5.9AI score0.09662EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2018/03/22 12:0 a.m.73 views

WebKitGTK+: Multiple Vulnerabilities

Background WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Description Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the...

8.8CVSS8.7AI score0.06468EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2018/01/15 12:0 a.m.73 views

PolarSSL: Multiple vulnerabilities

Background PolarSSL is a cryptographic library for embedded systems. Description Multiple vulnerabilities have been discovered in PolarSSL. Please review the CVE identifiers referenced below for details. Impact A remote attacker might be able to execute arbitrary code, cause Denial of Service...

7.5CVSS7.9AI score0.03246EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/10/22 12:0 a.m.73 views

Adobe Flash Player: Remote execution of arbitrary code

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description A critical type confusion vulnerability was discovered in Adobe Flash Player. Impact A remote attacker could execute arbitrary code. Workaround There is no...

8.8CVSS8.5AI score0.12104EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/10/08 12:0 a.m.73 views

Munin: Arbitrary file write

Background Munin is an open source server monitoring tool. Description When Munin is compiled with CGI graphics enabled then the files accessible to the www-data user can be overwritten. Impact A local attacker, by setting multiple upperlimit GET parameters, could overwrite files accessible to th...

5.5CVSS5.7AI score0.00421EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/07/08 12:0 a.m.73 views

Game Music Emu: Multiple vulnerabilities

Background Game Music Emu is a multi-purpose console music emulator and player library. Description Multiple vulnerabilities have been discovered in Game Music Emu. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially...

10CVSS3.9AI score0.04364EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2017/05/07 12:0 a.m.73 views

Mozilla Network Security Service (NSS): Multiple vulnerabilities

Background The Mozilla Network Security Service NSS is a library implementing security features like SSL v.2/v.3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME and X.509 certificates. Description Multiple vulnerabilities have been discovered in NSS. Please review the CVE identifiers referenced...

9.8CVSS9.3AI score0.04741EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2010/06/01 12:0 a.m.73 views

Transmission: Multiple vulnerabilities

Background Transmission is a cross-platform BitTorrent client. Description Multiple stack-based buffer overflows in the trmagnetParse function in libtransmission/magnet.c have been discovered. Impact A remote attacker could cause a Denial of Service or possibly execute arbitrary code via a crafte...

6.8CVSS7.6AI score0.03782EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2009/07/12 12:0 a.m.73 views

Apache: Multiple vulnerabilities

Background The Apache HTTP server is one of the most popular web servers on the Internet. Description Multiple vulnerabilities have been discovered in the Apache HTTP server: Jonathan Peatfield reported that the "Options=IncludesNoEXEC" argument to the "AllowOverride" directive is not processed...

7.1CVSS8.7AI score0.17111EPSS
Exploits8
Gentoo Linux
Gentoo Linux
added 2023/10/26 12:0 a.m.72 views

Ubiquiti UniFi: remote code execution via bundled log4j

Background Ubiquiti UniFi is a Management Controller for Ubiquiti Networks UniFi APs. Description A bundled version of log4j could facilitate remote code execution. Please review the CVE identifier referenced below for details. Impact An attacker with permission to modify the logging configuratio...

9CVSS7.8AI score0.99977EPSS
Exploits41
Gentoo Linux
Gentoo Linux
added 2022/10/16 12:0 a.m.72 views

OpenSSL: Multiple Vulnerabilities

Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 as well as a general purpose cryptography library. Description Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced...

10CVSS2.3AI score0.87816EPSS
Exploits8
Gentoo Linux
Gentoo Linux
added 2021/07/09 12:0 a.m.72 views

InspIRCd: Information disclosure

Background InspIRCd is a modular Internet Relay Chat IRC server written in C++ which was created from scratch to be stable, modern and lightweight. Description InspIRCd incorrectly handled malformed PONG messages, resulting in access of freed memory. Impact A remote attacker could send crafted...

4.3CVSS2.4AI score0.0089EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/05/26 12:0 a.m.72 views

Nextcloud Desktop Client: User-assisted execution of arbitrary code

Background The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. Description It was discovered that Nextcloud Desktop Client did not validate URLs. Impact A remote attacker could entice a user to connect to a malicious Nextcloud server to cause the...

8.8CVSS3.2AI score0.04698EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2021/05/26 12:0 a.m.72 views

GNU Screen: User-assisted execution of arbitrary code

Background GNU Screen is a full-screen window manager that multiplexes a physical terminal between several processes, typically interactive shells. Description It was discovered that GNU screen did not properly handle certain UTF-8 character sequences. Impact A remote attacker could entice a user...

9.8CVSS2.9AI score0.09147EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/12/07 12:0 a.m.72 views

Chromium, Google Chrome: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Description Multiple vulnerabilities have been discovered in Chromium and...

9.6CVSS2AI score0.99595EPSS
Exploits16
Gentoo Linux
Gentoo Linux
added 2020/10/28 12:0 a.m.72 views

Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla project. Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox and Mozilla Thunderbird. Please review the CVE...

9.8CVSS3AI score0.0262EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/10/23 12:0 a.m.72 views

FreeType: Arbitrary code execution

Background FreeType is a high-quality and portable font engine. Description A flaw in FreeType’s handling of embedded PNG bitmaps was discovered where the image height and width was not checked to be within bounds. Impact A remote attacker could entice a user to open a specially crafted font file...

9.6CVSS7.8AI score0.5063EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2017/10/08 12:0 a.m.72 views

Pacemaker: Multiple vulnerabilities

Background Pacemaker is an Open Source, High Availability resource manager suitable for both small and large clusters. Description Multiple vulnerabilities have been discovered in Pacemaker. Please review the referenced CVE identifiers for details. Impact A remote attacker could execute arbitrary...

8.8CVSS8.3AI score0.03EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/06/06 12:0 a.m.72 views

QEMU: Multiple vulnerabilities

Background QEMU is a generic and open source machine emulator and virtualizer. Description Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details. Impact A remote attacker might cause a Denial of Service or gain escalated privileges...

9.9CVSS3AI score0.04544EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/02/20 12:0 a.m.72 views

Redis: Multiple vulnerabilities

Background Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache and message broker. Description Multiple vulnerabilities have been discovered in Redis. Please review the CVE identifiers referenced below for details. Impact A remote attacker, able to...

10CVSS7.7AI score0.14834EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2017/01/23 12:0 a.m.72 views

zlib: Multiple vulnerabilities

Background zlib is a widely used free and patent unencumbered data compression library. Description Multiple vulnerabilities have been discovered in zlib. Please review the CVE identifiers referenced below for details. Impact An attacker could cause a Denial of Service condition. Workaround There...

9.8CVSS2.8AI score0.07489EPSS
Exploits0
Total number of security vulnerabilities3816