Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2017/01/10 12:0 a.m.55 views

Python: Multiple vulnerabilities

Background Python is an interpreted, interactive, object-oriented programming language. Description Multiple vulnerabilities have been discovered in Python. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted ind...

10CVSS8.9AI score0.2548EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2016/12/31 12:0 a.m.55 views

Xen: Multiple vulnerabilities

Background Xen is a bare-metal hypervisor. Description Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact A local attacker could possibly execute arbitrary code with the privileges of the process, could gain privileges on t...

8.8CVSS8.3AI score0.00509EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/12/26 12:0 a.m.55 views

Facter: Privilege escalation

Background Facter is a cross-platform Ruby library for retrieving facts from operating systems. Description Facter includes the current working directory in the search path. Impact A local attacker may be able to gain escalated privileges. Workaround There is no known workaround at this time...

6.2CVSS6.8AI score0.00537EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/05/18 12:0 a.m.55 views

Munin: Multiple vulnerabilities

Background Munin is an open source server monitoring tool. Description Multiple vulnerabilities have been discovered in Munin. Please review the CVE identifiers referenced below for details. Impact A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of...

9.3CVSS6.8AI score0.02368EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2012/09/24 12:0 a.m.55 views

PHP: Multiple vulnerabilities

Background PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Description Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

10CVSS10.4AI score0.99998EPSS
Exploits71
Gentoo Linux
Gentoo Linux
added 2012/06/24 12:0 a.m.55 views

mini_httpd: Arbitrary code execution

Background minihttpd is a small webserver with optional SSL and IPv6 support. Description minihttpd does not properly check for shell escapes when parsing HTTP requests. Impact A remote attacker could send specially crafted HTTP requests, possibly resulting in execution of arbitrary code with the...

5CVSS7.1AI score0.1027EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2011/10/18 12:0 a.m.55 views

Tor: Multiple vulnerabilities

Background Tor is an implementation of second generation Onion Routing, a connection-oriented anonymizing communication service. Description Multiple vulnerabilities have been discovered in Tor. Please review the CVE identifiers referenced below for details. Impact A remote unauthenticated attack...

6.8CVSS4.2AI score0.04444EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2009/12/20 12:0 a.m.55 views

Ruby on Rails: Multiple vulnerabilities

Background Ruby on Rails is a web-application and persistence framework. Description The following vulnerabilities were discovered: sameer reported that lib/actioncontroller/cgiprocess.rb removes the :cookieonly attribute from the default session options CVE-2007-6077, due to an incomplete fix fo...

9.8CVSS10AI score0.0808EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2008/12/14 12:0 a.m.55 views

POV-Ray: User-assisted execution of arbitrary code

Background POV-Ray is a well known open-source ray tracer. Description POV-Ray uses a statically linked copy of libpng to view and output PNG files. The version shipped with POV-Ray is vulnerable to CVE-2008-3964, CVE-2008-1382, CVE-2006-3334, CVE-2006-0481, CVE-2004-0768. A bug in POV-Ray's buil...

7.5CVSS8.7AI score0.05514EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2008/03/02 12:0 a.m.55 views

Firebird: Multiple vulnerabilities

Background Firebird is a multi-platform, open source relational database. Description Firebird does not properly handle certain types of XDR requests, resulting in an integer overflow CVE-2008-0387. Furthermore, it is vulnerable to a buffer overflow when processing usernames CVE-2008-0467. Impact...

10CVSS7.3AI score0.45873EPSS
Exploits7
Gentoo Linux
Gentoo Linux
added 2004/10/07 12:0 a.m.55 views

Cyrus-SASL: Buffer overflow and SASL_PATH vulnerabilities

Background Cyrus-SASL is an implementation of the Simple Authentication and Security Layer. Description Cyrus-SASL contains a remote buffer overflow in the digestmda5.c file. Additionally, under certain conditions it is possible for a local user to exploit a vulnerability in the way the SASLPATH...

7.5CVSS7.4AI score0.03924EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/10/05 12:0 a.m.55 views

NetKit-telnetd: buffer overflows in telnet and telnetd

Background NetKit-telnetd is a standard Linux telnet client and server from the NetKit utilities. Description A possible buffer overflow exists in the parsing of option strings by the telnet daemon, where proper bounds checking is not applied when writing to a buffer. Additionaly, another possibl...

10CVSS7.2AI score0.37896EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2023/11/01 12:0 a.m.54 views

Netatalk: Multiple Vulnerabilities including root remote code execution

Background Netatalk is a kernel level implementation of the AppleTalk Protocol Suite, which allows Unix hosts to act as file, print, and time servers for Apple computers. It includes several script utilities, including etc2ps.sh. Description Multiple vulnerabilities have been discovered in...

10CVSS8AI score0.08525EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2023/10/08 12:0 a.m.54 views

c-ares: Multiple Vulnerabilities

Background c-ares is a C library for asynchronous DNS requests including name resolves. Description Multiple vulnerabilities have been discovered in c-ares. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround...

7.5CVSS7.4AI score0.01577EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2022/08/10 12:0 a.m.54 views

Spice Server: Multiple Vulnerabilities

Background Provides a complete open source solution for remote access to virtual machines in a seamless way so you can play videos, record audio, share USB devices and share folders without complications. Description Multiple vulnerabilities have been discovered in Spice Server, please review the...

5.3CVSS2.7AI score0.02703EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2022/08/10 12:0 a.m.54 views

Nextcloud: Multiple Vulnerabilities

Background Nextcloud is a personal cloud that runs on your own server. Description Multiple vulnerabilities have been discovered in Nextcloud. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

10CVSS3AI score0.02604EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2020/11/11 12:0 a.m.54 views

Blueman: Local privilege escalation

Background Blueman is a simple and intuitive GTK+ Bluetooth Manager. Description Where Polkit is not used and the default permissions have been changed on a specific rule file, control of a local DHCP daemon may be possible. Impact A local attacker may be able to achieve root privilege escalation...

7.1CVSS2.7AI score0.04539EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2020/10/17 12:0 a.m.54 views

Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla project. Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox and Mozilla Thunderbird. Please review the CVE...

8.8CVSS3AI score0.01961EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/09/13 12:0 a.m.54 views

Nextcloud Desktop Sync client: Multiple vulnerabilities

Background Nextcloud Desktop Sync client can synchronize one or more directories to Nextcloud server. Description Multiple vulnerabilities have been discovered in Nextcloud Desktop Sync client. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...

7.8CVSS2AI score0.2245EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2020/04/01 12:0 a.m.54 views

ledger: Multiple vulnerabilities

Background Ledger is a powerful, double-entry accounting system that is accessed from the UNIX command-line. Description Multiple vulnerabilities have been discovered in ledger. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to process...

7.8CVSS5AI score0.01974EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2018/03/26 12:0 a.m.54 views

BusyBox: Multiple vulnerabilities

Background BusyBox is a set of tools for embedded systems and is a replacement for GNU Coreutils. Description Multiple vulnerabilities have been discovered in BusyBox. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code wi...

8.8CVSS8.6AI score0.0624EPSS
Exploits14
Gentoo Linux
Gentoo Linux
added 2017/11/10 12:0 a.m.54 views

Chromium, Google Chrome: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices Description Multiple vulnerabilities have been discovered in Chromium and...

9.8CVSS8.7AI score0.04889EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/09/17 12:0 a.m.54 views

chkrootkit: Local privilege escalation

Background chkrootkit is a tool to locally check for signs of a rootkit. Description When /tmp is mounted without the noexec option chkrootkit will execute files in /tmp with root privileges. Impact A local attacker could possibly execute arbitrary code with root privileges. Workaround Users shou...

3.7CVSS7.1AI score0.03828EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2017/02/19 12:0 a.m.54 views

GNU C Library: Multiple vulnerabilities

Background The GNU C library is the standard C library used by Gentoo Linux systems. Description Multiple vulnerabilities have been discovered in the GNU C Library. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker could possibly execute arbitrary...

9.8CVSS9.4AI score0.07629EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2017/01/29 12:0 a.m.54 views

libXpm: Remote execution of arbitrary code

Background The X PixMap image format is an extension of the monochrome X BitMap format specified in the X protocol, and is commonly used in traditional X applications. Description An integer overflow was discovered in libXpm’s src/CrDatFrI.c file. On 64 bit systems, this allows an overflow to occ...

9.8CVSS9.9AI score0.07528EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/01/29 12:0 a.m.54 views

SQUASHFS: Multiple vulnerabilities

Background Squashfs is a compressed read-only filesystem for Linux. Squashfs is intended for general read-only filesystem use, for archival use i.e. in cases where a .tar.gz file may be used, and in constrained block device/memory systems e.g. embedded systems where low overhead is needed...

7.5CVSS7.6AI score0.0691EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/01/24 12:0 a.m.54 views

ADOdb: Multiple vulnerabilities

Background ADOdb is an abstraction library for PHP creating a common API for a wide range of database backends. Description Multiple vulnerabilities have been discovered in ADOdb. Please review the CVE identifiers referenced below for details. Impact A remote attacker, through the use of SQL...

9.8CVSS3.4AI score0.02984EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/01/11 12:0 a.m.54 views

7-Zip: Multiple vulnerabilities

Background 7-Zip is an open-source file archiver, an application used primarily to compress files. 7-Zip uses its own 7z archive format, but can read and write several other archive formats. Description Multiple vulnerabilities have been discovered in 7-Zip. Please review the CVE identifiers...

9.3CVSS4.1AI score0.14742EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2017/01/02 12:0 a.m.54 views

musl: Integer overflow

Background musl is a “libc”, an implementation of the standard library functionality described in the ISO C and POSIX standards, plus common extensions, intended for use on Linux-based systems. Description A vulnerability was discovered in musl’s tretnfarunparallel function buffer overflow logic,...

9.8CVSS9.5AI score0.03362EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/12/04 12:0 a.m.54 views

libvirt: Directory traversal

Background libvirt is a C toolkit for manipulating virtual machines. Description Normally, only privileged users can coerce libvirt into creating or opening existing files using the virStorageVol APIs; and such users already have full privilege to create any domain XML. But in the case of...

2.5CVSS5.7AI score0.00451EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/04/02 12:0 a.m.54 views

Xalan-Java: Arbitrary code execution

Background Xalan-Java is an XSLT processor for transforming XML documents into HTML, text, or other XML document types. Description The TransformerFactory in Apache Xalan-Java does not properly restrict access to certain properties when FEATURESECUREPROCESSING is enabled. This can also be exploit...

7.5CVSS9.1AI score0.13809EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2014/08/31 12:0 a.m.54 views

OpenOffice, LibreOffice: Multiple vulnerabilities

Background OpenOffice is the open source version of StarOffice, a full office productivity suite. LibreOffice is a fork of OpenOffice. Description Multiple vulnerabilities have been discovered in OpenOffice and Libreoffice. Please review the CVE identifiers referenced below for details. Impact A...

10CVSS9AI score0.14092EPSS
Exploits9
Gentoo Linux
Gentoo Linux
added 2014/05/16 12:0 a.m.54 views

ClamAV: Multiple vulnerabilities

Background Clam AntiVirus ClamAV is an anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. Description Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details. Impact A remote attacker could send a...

9.8CVSS9.5AI score0.03547EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2012/09/23 12:0 a.m.54 views

libTIFF: Multiple vulnerabilities

Background libTIFF provides support for reading and manipulating TIFF Tagged Image File Format images. Description Multiple vulnerabilities have been discovered in libTIFF. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a...

9.3CVSS8.8AI score0.12854EPSS
Exploits8
Gentoo Linux
Gentoo Linux
added 2012/05/21 12:0 a.m.54 views

Chromium, V8: Multiple vulnerabilities

Background Chromium is an open source web browser project. V8 is Google’s open source JavaScript engine. Description Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact A context-dependent...

10CVSS10AI score0.03344EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2011/10/10 12:0 a.m.54 views

GnuTLS: Multiple vulnerabilities

Background GnuTLS is an Open Source implementation of the TLS 1.2 and SSL 3.0 protocols. Description Multiple vulnerabilities have been discovered in GnuTLS. Please review the CVE identifiers referenced below for details. Impact An attacker could perform man-in-the-middle attacks to spoof arbitra...

7.5CVSS6.8AI score0.87264EPSS
Exploits14
Gentoo Linux
Gentoo Linux
added 2010/09/21 12:0 a.m.54 views

libxml2: Denial of service

Background libxml2 is a library to manipulate XML files. Description The following vulnerabilities were reported after a test with the Codenomicon XML fuzzing framework: Two use-after-free vulnerabilities are possible when parsing a XML file with Notation or Enumeration attribute types...

6.5CVSS7.3AI score0.03121EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2010/06/01 12:0 a.m.54 views

FreeType 1: User-assisted execution of arbitrary code

Background FreeType is a True Type Font rendering library. Description Multiple issues found in FreeType 2 were also discovered in FreeType 1. For details on these issues, please review the Gentoo Linux Security Advisories and CVE identifiers referenced below. Impact A remote attacker could entic...

7.5CVSS7.2AI score0.05833EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2009/12/01 12:0 a.m.54 views

OpenSSL: Multiple vulnerabilities

Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 as well as a general purpose cryptography library. Description Multiple vulnerabilities have been reported in OpenSSL: Marsh Ray of PhoneFactor and Martin Rex of SAP...

5.8CVSS7.7AI score0.87264EPSS
Exploits29
Gentoo Linux
Gentoo Linux
added 2008/09/07 12:0 a.m.54 views

VLC: Multiple vulnerabilities

Background VLC is a cross-platform media player and streaming server. Description g reported the following vulnerabilities: An integer overflow leading to a heap-based buffer overflow in the Open function in modules/demux/tta.c CVE-2008-3732. A signedness error leading to a stack-based buffer...

9.3CVSS7.4AI score0.13434EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2008/04/23 12:0 a.m.54 views

Openfire: Denial of service

Background Openfire formerly Wildfire is a Java implementation of a complete Jabber server. Description Openfire's connection manager in the file ConnectionManagerImpl.java cannot handle clients that fail to read messages, and has no limit on their session's send buffer. Impact Remote authenticat...

4CVSS6.2AI score0.01657EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2008/03/02 12:0 a.m.54 views

Adobe Acrobat Reader: Multiple vulnerabilities

Background Adobe Acrobat Reader is a PDF reader released by Adobe. Description Multiple vulnerabilities have been discovered in Adobe Acrobat Reader, including: A file disclosure when using file:// in PDF documents CVE-2007-1199 Multiple buffer overflows in unspecified Javascript methods...

9.8CVSS10AI score0.94222EPSS
Exploits11
Gentoo Linux
Gentoo Linux
added 2008/01/29 12:0 a.m.54 views

PostgreSQL: Multiple vulnerabilities

Background PostgreSQL is an open source object-relational database management system. Description If using the "expression indexes" feature, PostgreSQL executes index functions as the superuser during VACUUM and ANALYZE instead of the table owner, and allows SET ROLE and SET SESSION AUTHORIZATION...

7.2CVSS9.3AI score0.03855EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2007/12/29 12:0 a.m.54 views

Mozilla Firefox, SeaMonkey: Multiple vulnerabilities

Background Mozilla Firefox is a cross-platform web browser from Mozilla. SeaMonkey is a free, cross-platform Internet suite. Description Jesse Ruderman and Petko D. Petkov reported that the jar protocol handler in Mozilla Firefox and Seamonkey does not properly check MIME types CVE-2007-5947...

9.3CVSS7.6AI score0.05443EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2006/06/07 12:0 a.m.54 views

AWStats: Remote execution of arbitrary code

Background AWStats is an advanced log file analyzer and statistics generator. Description Hendrik Weimer has found that if updating the statistics via the web frontend is enabled, it is possible to inject arbitrary code via a pipe character in the "migrate" parameter. Additionally, r0t has...

5.1CVSS6.7AI score0.58356EPSS
Exploits10
Gentoo Linux
Gentoo Linux
added 2005/03/19 12:0 a.m.54 views

KDE: Local Denial of service

Background KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. DCOP is KDE's simple IPC/RPC mechanism. Description Sebastian Krahmer discovered that it is possible to stall the dcopserver of other users. Impact An attacker could exploit this to cause a...

2.1CVSS6.3AI score0.00401EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/02/04 12:0 a.m.53 views

Xen: Multiple Vulnerabilities

Background Xen is a bare-metal hypervisor. Description Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...

8.8CVSS7.9AI score0.04947EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2023/09/29 12:0 a.m.53 views

libsndfile: Multiple Vulnerabilities

Background libsndfile is a C library for reading and writing files containing sampled sound. Description Multiple vulnerabilities have been discovered in libsndfile. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

8.8CVSS7.4AI score0.03292EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2023/09/29 12:0 a.m.53 views

libarchive: Multiple Vulnerabilities

Background libarchive is a library for manipulating different streaming archive formats, including certain tar variants, several cpio formats, and both BSD and GNU ar variants. Description Multiple vulnerabilities have been discovered in libarchive. Please review the CVE identifiers referenced...

9.8CVSS9.6AI score0.01936EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2022/12/19 12:0 a.m.53 views

curl: Multiple Vulnerabilities

Background A command line tool and library for transferring data with URLs. Description Multiple vulnerabilities have been discovered in curl. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

9.8CVSS7.7AI score0.3197EPSS
Exploits23
Total number of security vulnerabilities3816