Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2004/10/07 12:0 a.m.55 views

Cyrus-SASL: Buffer overflow and SASL_PATH vulnerabilities

Background Cyrus-SASL is an implementation of the Simple Authentication and Security Layer. Description Cyrus-SASL contains a remote buffer overflow in the digestmda5.c file. Additionally, under certain conditions it is possible for a local user to exploit a vulnerability in the way the SASLPATH...

7.5CVSS7.4AI score0.03924EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/10/05 12:0 a.m.55 views

NetKit-telnetd: buffer overflows in telnet and telnetd

Background NetKit-telnetd is a standard Linux telnet client and server from the NetKit utilities. Description A possible buffer overflow exists in the parsing of option strings by the telnet daemon, where proper bounds checking is not applied when writing to a buffer. Additionaly, another possibl...

10CVSS7.2AI score0.37896EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2004/06/09 12:0 a.m.55 views

Apache: Buffer overflow in mod_ssl

Background Apache is the most popular Web server on the Internet. modssl provides Secure Sockets Layer encryption and authentication to Apache 1.3. Apache 2 contains the functionality of modssl. Description A bug in the function sslutiluuencodebinary in sslutil.c may lead to a remote buffer...

7.5CVSS7.2AI score0.37681EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2023/11/01 12:0 a.m.54 views

Netatalk: Multiple Vulnerabilities including root remote code execution

Background Netatalk is a kernel level implementation of the AppleTalk Protocol Suite, which allows Unix hosts to act as file, print, and time servers for Apple computers. It includes several script utilities, including etc2ps.sh. Description Multiple vulnerabilities have been discovered in...

10CVSS8AI score0.08525EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2023/10/08 12:0 a.m.54 views

c-ares: Multiple Vulnerabilities

Background c-ares is a C library for asynchronous DNS requests including name resolves. Description Multiple vulnerabilities have been discovered in c-ares. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround...

7.5CVSS7.4AI score0.01577EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2023/10/04 12:0 a.m.54 views

libvpx: Multiple Vulnerabilities

Background libvpx is the VP8 codec SDK used to encode and decode video streams, typically within a WebM format media file. Description Multiple vulnerabilities have been discovered in libvpx. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...

8.8CVSS6.9AI score0.49013EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2022/08/10 12:0 a.m.54 views

Spice Server: Multiple Vulnerabilities

Background Provides a complete open source solution for remote access to virtual machines in a seamless way so you can play videos, record audio, share USB devices and share folders without complications. Description Multiple vulnerabilities have been discovered in Spice Server, please review the...

5.3CVSS2.7AI score0.02703EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2022/08/10 12:0 a.m.54 views

Nextcloud: Multiple Vulnerabilities

Background Nextcloud is a personal cloud that runs on your own server. Description Multiple vulnerabilities have been discovered in Nextcloud. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

10CVSS3AI score0.02604EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2021/05/26 12:0 a.m.54 views

stunnel: Improper certificate validation

Background The stunnel program is designed to work as an SSL/TLS encryption wrapper between a client and a local or remote server. Description It was discovered that stunnel did not correctly verified the client certificate when options “redirect” and “verifyChain” are used. Impact A remote...

7.5CVSS7.7AI score0.01179EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/12/23 12:0 a.m.54 views

OpenSSL: Denial of service

Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1/v1.1/v1.2/v1.3 as well as a general purpose cryptography library. Description A null pointer dereference flaw was found in OpenSSL. Impact A remote attacker, able to...

5.9CVSS2.8AI score0.06968EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2020/11/11 12:0 a.m.54 views

Blueman: Local privilege escalation

Background Blueman is a simple and intuitive GTK+ Bluetooth Manager. Description Where Polkit is not used and the default permissions have been changed on a specific rule file, control of a local DHCP daemon may be possible. Impact A local attacker may be able to achieve root privilege escalation...

7.1CVSS2.7AI score0.04539EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2020/10/17 12:0 a.m.54 views

Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla project. Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox and Mozilla Thunderbird. Please review the CVE...

8.8CVSS3AI score0.01961EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/09/13 12:0 a.m.54 views

Nextcloud Desktop Sync client: Multiple vulnerabilities

Background Nextcloud Desktop Sync client can synchronize one or more directories to Nextcloud server. Description Multiple vulnerabilities have been discovered in Nextcloud Desktop Sync client. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...

7.8CVSS2AI score0.2245EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2020/07/26 12:0 a.m.54 views

Samba: Multiple vulnerabilities

Background Samba is a suite of SMB and CIFS client/server programs. Description Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

7.8CVSS3.1AI score0.03874EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/04/01 12:0 a.m.54 views

ledger: Multiple vulnerabilities

Background Ledger is a powerful, double-entry accounting system that is accessed from the UNIX command-line. Description Multiple vulnerabilities have been discovered in ledger. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to process...

7.8CVSS5AI score0.01974EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2017/09/17 12:0 a.m.54 views

chkrootkit: Local privilege escalation

Background chkrootkit is a tool to locally check for signs of a rootkit. Description When /tmp is mounted without the noexec option chkrootkit will execute files in /tmp with root privileges. Impact A local attacker could possibly execute arbitrary code with root privileges. Workaround Users shou...

3.7CVSS7.1AI score0.03828EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2017/02/20 12:0 a.m.54 views

OCaml: Buffer overflow and information disclosure

Background OCaml is a high-level, strongly-typed, functional, and object-oriented programming language from the ML family of languages. Description It was discovered that OCaml was vulnerable to a runtime bug that, on 64-bit platforms, causes size arguments to internal memmove calls to be...

9.1CVSS8.9AI score0.05267EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/02/19 12:0 a.m.54 views

GNU C Library: Multiple vulnerabilities

Background The GNU C library is the standard C library used by Gentoo Linux systems. Description Multiple vulnerabilities have been discovered in the GNU C Library. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker could possibly execute arbitrary...

9.8CVSS9.4AI score0.07629EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2017/01/29 12:0 a.m.54 views

SQUASHFS: Multiple vulnerabilities

Background Squashfs is a compressed read-only filesystem for Linux. Squashfs is intended for general read-only filesystem use, for archival use i.e. in cases where a .tar.gz file may be used, and in constrained block device/memory systems e.g. embedded systems where low overhead is needed...

7.5CVSS7.6AI score0.0691EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/01/29 12:0 a.m.54 views

libXpm: Remote execution of arbitrary code

Background The X PixMap image format is an extension of the monochrome X BitMap format specified in the X protocol, and is commonly used in traditional X applications. Description An integer overflow was discovered in libXpm’s src/CrDatFrI.c file. On 64 bit systems, this allows an overflow to occ...

9.8CVSS9.9AI score0.07528EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/01/24 12:0 a.m.54 views

ADOdb: Multiple vulnerabilities

Background ADOdb is an abstraction library for PHP creating a common API for a wide range of database backends. Description Multiple vulnerabilities have been discovered in ADOdb. Please review the CVE identifiers referenced below for details. Impact A remote attacker, through the use of SQL...

9.8CVSS3.4AI score0.02984EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/01/11 12:0 a.m.54 views

7-Zip: Multiple vulnerabilities

Background 7-Zip is an open-source file archiver, an application used primarily to compress files. 7-Zip uses its own 7z archive format, but can read and write several other archive formats. Description Multiple vulnerabilities have been discovered in 7-Zip. Please review the CVE identifiers...

9.3CVSS4.1AI score0.14742EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2017/01/02 12:0 a.m.54 views

musl: Integer overflow

Background musl is a “libc”, an implementation of the standard library functionality described in the ISO C and POSIX standards, plus common extensions, intended for use on Linux-based systems. Description A vulnerability was discovered in musl’s tretnfarunparallel function buffer overflow logic,...

9.8CVSS9.5AI score0.03362EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/12/04 12:0 a.m.54 views

libvirt: Directory traversal

Background libvirt is a C toolkit for manipulating virtual machines. Description Normally, only privileged users can coerce libvirt into creating or opening existing files using the virStorageVol APIs; and such users already have full privilege to create any domain XML. But in the case of...

2.5CVSS5.7AI score0.00451EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/04/02 12:0 a.m.54 views

Xalan-Java: Arbitrary code execution

Background Xalan-Java is an XSLT processor for transforming XML documents into HTML, text, or other XML document types. Description The TransformerFactory in Apache Xalan-Java does not properly restrict access to certain properties when FEATURESECUREPROCESSING is enabled. This can also be exploit...

7.5CVSS9.1AI score0.13809EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2014/12/26 12:0 a.m.54 views

Facter: Privilege escalation

Background Facter is a cross-platform Ruby library for retrieving facts from operating systems. Description Facter includes the current working directory in the search path. Impact A local attacker may be able to gain escalated privileges. Workaround There is no known workaround at this time...

6.2CVSS6.8AI score0.00537EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/08/31 12:0 a.m.54 views

OpenOffice, LibreOffice: Multiple vulnerabilities

Background OpenOffice is the open source version of StarOffice, a full office productivity suite. LibreOffice is a fork of OpenOffice. Description Multiple vulnerabilities have been discovered in OpenOffice and Libreoffice. Please review the CVE identifiers referenced below for details. Impact A...

10CVSS9AI score0.14092EPSS
Exploits9
Gentoo Linux
Gentoo Linux
added 2014/05/16 12:0 a.m.54 views

ClamAV: Multiple vulnerabilities

Background Clam AntiVirus ClamAV is an anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. Description Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details. Impact A remote attacker could send a...

9.8CVSS9.5AI score0.03547EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2012/09/23 12:0 a.m.54 views

libTIFF: Multiple vulnerabilities

Background libTIFF provides support for reading and manipulating TIFF Tagged Image File Format images. Description Multiple vulnerabilities have been discovered in libTIFF. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a...

9.3CVSS8.8AI score0.12854EPSS
Exploits8
Gentoo Linux
Gentoo Linux
added 2012/05/21 12:0 a.m.54 views

Chromium, V8: Multiple vulnerabilities

Background Chromium is an open source web browser project. V8 is Google’s open source JavaScript engine. Description Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact A context-dependent...

10CVSS10AI score0.03344EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2011/10/18 12:0 a.m.54 views

Tor: Multiple vulnerabilities

Background Tor is an implementation of second generation Onion Routing, a connection-oriented anonymizing communication service. Description Multiple vulnerabilities have been discovered in Tor. Please review the CVE identifiers referenced below for details. Impact A remote unauthenticated attack...

6.8CVSS4.2AI score0.04444EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2011/10/10 12:0 a.m.54 views

GnuTLS: Multiple vulnerabilities

Background GnuTLS is an Open Source implementation of the TLS 1.2 and SSL 3.0 protocols. Description Multiple vulnerabilities have been discovered in GnuTLS. Please review the CVE identifiers referenced below for details. Impact An attacker could perform man-in-the-middle attacks to spoof arbitra...

7.5CVSS6.8AI score0.87264EPSS
Exploits14
Gentoo Linux
Gentoo Linux
added 2010/09/21 12:0 a.m.54 views

libxml2: Denial of service

Background libxml2 is a library to manipulate XML files. Description The following vulnerabilities were reported after a test with the Codenomicon XML fuzzing framework: Two use-after-free vulnerabilities are possible when parsing a XML file with Notation or Enumeration attribute types...

6.5CVSS7.3AI score0.03121EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2010/06/01 12:0 a.m.54 views

FreeType 1: User-assisted execution of arbitrary code

Background FreeType is a True Type Font rendering library. Description Multiple issues found in FreeType 2 were also discovered in FreeType 1. For details on these issues, please review the Gentoo Linux Security Advisories and CVE identifiers referenced below. Impact A remote attacker could entic...

7.5CVSS7.2AI score0.05833EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2009/12/01 12:0 a.m.54 views

OpenSSL: Multiple vulnerabilities

Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 as well as a general purpose cryptography library. Description Multiple vulnerabilities have been reported in OpenSSL: Marsh Ray of PhoneFactor and Martin Rex of SAP...

5.8CVSS7.7AI score0.87264EPSS
Exploits29
Gentoo Linux
Gentoo Linux
added 2008/09/07 12:0 a.m.54 views

VLC: Multiple vulnerabilities

Background VLC is a cross-platform media player and streaming server. Description g reported the following vulnerabilities: An integer overflow leading to a heap-based buffer overflow in the Open function in modules/demux/tta.c CVE-2008-3732. A signedness error leading to a stack-based buffer...

9.3CVSS7.4AI score0.13434EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2008/04/23 12:0 a.m.54 views

Openfire: Denial of service

Background Openfire formerly Wildfire is a Java implementation of a complete Jabber server. Description Openfire's connection manager in the file ConnectionManagerImpl.java cannot handle clients that fail to read messages, and has no limit on their session's send buffer. Impact Remote authenticat...

4CVSS6.2AI score0.01657EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2008/03/02 12:0 a.m.54 views

Adobe Acrobat Reader: Multiple vulnerabilities

Background Adobe Acrobat Reader is a PDF reader released by Adobe. Description Multiple vulnerabilities have been discovered in Adobe Acrobat Reader, including: A file disclosure when using file:// in PDF documents CVE-2007-1199 Multiple buffer overflows in unspecified Javascript methods...

9.8CVSS10AI score0.94222EPSS
Exploits11
Gentoo Linux
Gentoo Linux
added 2008/01/29 12:0 a.m.54 views

PostgreSQL: Multiple vulnerabilities

Background PostgreSQL is an open source object-relational database management system. Description If using the "expression indexes" feature, PostgreSQL executes index functions as the superuser during VACUUM and ANALYZE instead of the table owner, and allows SET ROLE and SET SESSION AUTHORIZATION...

7.2CVSS9.3AI score0.03855EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2007/12/29 12:0 a.m.54 views

Mozilla Firefox, SeaMonkey: Multiple vulnerabilities

Background Mozilla Firefox is a cross-platform web browser from Mozilla. SeaMonkey is a free, cross-platform Internet suite. Description Jesse Ruderman and Petko D. Petkov reported that the jar protocol handler in Mozilla Firefox and Seamonkey does not properly check MIME types CVE-2007-5947...

9.3CVSS7.6AI score0.05443EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2006/06/07 12:0 a.m.54 views

AWStats: Remote execution of arbitrary code

Background AWStats is an advanced log file analyzer and statistics generator. Description Hendrik Weimer has found that if updating the statistics via the web frontend is enabled, it is possible to inject arbitrary code via a pipe character in the "migrate" parameter. Additionally, r0t has...

5.1CVSS6.7AI score0.58356EPSS
Exploits10
Gentoo Linux
Gentoo Linux
added 2005/03/19 12:0 a.m.54 views

KDE: Local Denial of service

Background KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. DCOP is KDE's simple IPC/RPC mechanism. Description Sebastian Krahmer discovered that it is possible to stall the dcopserver of other users. Impact An attacker could exploit this to cause a...

2.1CVSS6.3AI score0.00401EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2023/09/29 12:0 a.m.53 views

libsndfile: Multiple Vulnerabilities

Background libsndfile is a C library for reading and writing files containing sampled sound. Description Multiple vulnerabilities have been discovered in libsndfile. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

8.8CVSS7.4AI score0.03292EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2023/09/29 12:0 a.m.53 views

libarchive: Multiple Vulnerabilities

Background libarchive is a library for manipulating different streaming archive formats, including certain tar variants, several cpio formats, and both BSD and GNU ar variants. Description Multiple vulnerabilities have been discovered in libarchive. Please review the CVE identifiers referenced...

9.8CVSS9.6AI score0.01936EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/14 12:0 a.m.53 views

Pillow: Multiple vulnerabilities

Background Python Imaging Library fork Description Multiple vulnerabilities have been discovered in Pillow. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...

9.8CVSS3.6AI score0.04851EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/10/20 12:0 a.m.53 views

libxml2: Multiple vulnerabilities

Background libxml2 is the XML eXtended Markup Language C parser and toolkit initially developed for the Gnome project. Description Multiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...

7.5CVSS2.3AI score0.07836EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/08/27 12:0 a.m.53 views

Redis: Multiple vulnerabilities

Background Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache and message broker. Description Multiple vulnerabilities have been discovered in Redis. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CV...

9.8CVSS2.2AI score0.03085EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/07/31 12:0 a.m.53 views

Mozilla Thunderbird: Multiple vulnerabilities

Background Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

9.3CVSS2.7AI score0.0779EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2020/07/27 12:0 a.m.53 views

Icinga: Root privilege escalation

Background Icinga is an open source computer system and network monitoring application. It was originally created as a fork of the Nagios system monitoring application in 2009. Description It was discovered that Icinga’s installed files have insecure permissions, possibly allowing root privilege...

7.8CVSS7.8AI score0.00311EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/03/25 12:0 a.m.53 views

BlueZ: Security bypass

Background Set of tools to manage Bluetooth devices for Linux. Description It was discovered that the HID and HOGP profiles implementations in BlueZ did not specifically require bonding between the device and the host. Impact A remote attacker with adjacent access could impersonate an existing HI...

7.1CVSS1.9AI score0.01033EPSS
Exploits0
Total number of security vulnerabilities3816