Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2018/05/14 12:0 a.m.398 views

mpv: Remote code execution

Background Video player based on MPlayer/mplayer2 Description A vulnerability was discovered in mpv with the handling of HTML documents containing VIDEO elements. Additionally, mpv accepts arbitrary URLs in a src attribute without a protocol whitelist in player/lua/ytdlhook.lua. Impact A remote...

8.8CVSS2.6AI score0.02642EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2018/05/08 12:0 a.m.381 views

rsync: Arbitrary command execution

Background File transfer program to keep remote files into sync. Description A vulnerability was discovered in rsync’s parsearguments function in options.c. Impact Remote attackers could possibly execute arbitrary commands with the privilege of the process. Workaround There is no known workaround...

7.5CVSS8.2AI score0.06337EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/05/02 12:0 a.m.376 views

Chromium, Google Chrome: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Description Multiple vulnerabilities have been discovered in Chromium and...

8.8CVSS2.3AI score0.01495EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/08/18 12:0 a.m.330 views

MariaDB, MySQL: Multiple vulnerabilities

Background MariaDB is an enhanced, drop-in replacement for MySQL. MySQL is a popular multi-threaded, multi-user SQL server. MySQL is a popular multi-threaded, multi-user SQL server Description Multiple vulnerabilities have been discovered in MariaDB and MySQL. Please review the CVE identifiers...

9.8CVSS3.3AI score0.28007EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/05/26 12:0 a.m.325 views

nginx: Remote code execution

Background nginx is a robust, small, and high performance HTTP and reverse proxy server. Description It was discovered that nginx did not properly handle DNS responses when “resolver” directive is used. Impact A remote attacker, able to provide DNS responses to a nginx instance, could cause the...

7.7CVSS7.5AI score0.52838EPSS
Exploits10
Gentoo Linux
Gentoo Linux
added 2019/09/07 12:0 a.m.322 views

Exim: Multiple vulnerabilities

Background Exim is a message transfer agent MTA designed to be a a highly configurable, drop-in replacement for sendmail. Description Multiple vulnerabilities have been discovered in Exim. Please review the CVE identifiers referenced below for details. Impact A remote attacker, by connecting to t...

10CVSS2AI score0.35736EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2019/08/18 12:0 a.m.302 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

10CVSS3.5AI score0.06376EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/08/31 12:0 a.m.297 views

libofx: Multiple vulnerabilities

Background A library to support the Open Financial eXchange XML format Description Multiple vulnerabilities have been discovered in libofx. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to process a specially crafted file using an...

8.8CVSS4AI score0.02393EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2019/08/31 12:0 a.m.292 views

Nautilus: Security bypass

Background Default file manager for the GNOME desktop Description A vulnerability was discovered in Nautilus which allows an attacker to escape the sandbox. Impact A local attacker could possibly bypass sandbox protection. Workaround There is no known workaround at this time. Resolution All...

7.8CVSS4AI score0.00348EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/08/18 12:0 a.m.286 views

hostapd and wpa_supplicant: Denial of service

Background wpasupplicant is a WPA Supplicant with support for WPA and WPA2 IEEE 802.11i / RSN. hostapd is a user space daemon for access point and authentication servers. Description A vulnerability was discovered in hostapd’s and wpasupplicant’s eapserver/eapserverpwd.c and eappeer/eappwd.c file...

5.9CVSS7AI score0.03252EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/08/18 12:0 a.m.272 views

VLC: Multiple vulnerabilities

Background VLC is a cross-platform media player and streaming server. Description Multiple vulnerabilities have been discovered in VLC. Please review the CVE identifiers referenced below for details. Impact Remote attackers, by enticing a user to execute a specially crafted media file, could caus...

9.8CVSS5AI score0.05295EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/08/31 12:0 a.m.266 views

Dovecot: Multiple vulnerabilities

Background Dovecot is an open source IMAP and POP3 email server. Description Multiple vulnerabilities have been discovered in Dovecot. Please review the CVE identifiers referenced below for details. Impact An unauthenticated remote attacker could send a specially crafted mail or use crafted IMAP...

9.8CVSS3.9AI score0.62579EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2019/08/18 12:0 a.m.264 views

Patch: Multiple vulnerabilities

Background Patch takes a patch file containing a difference listing produced by the diff program and applies those differences to one or more original files, producing patched versions. Description Multiple vulnerabilities have been discovered in Patch. Please review the CVE identifiers reference...

9.3CVSS3.7AI score0.0453EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/08/31 12:0 a.m.263 views

GNOME desktop library: Security bypass

Background Library with common API for various GNOME modules. Description A vulnerability was discovered in the GNOME desktop library which allows an attacker to escape the sandbox. Impact A local attacker could possibly bypass sandbox protection. Workaround There is no known workaround at this...

9CVSS4.1AI score0.01952EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2007/02/13 12:0 a.m.263 views

ProFTPD: Local privilege escalation

Background ProFTPD is a powerful, configurable, and free FTP daemon. Description A flaw exists in the modctrls module of ProFTPD, normally used to allow FTP server administrators to configure the daemon at runtime. Impact An FTP server administrator permitted to interact with modctrls could...

6.6CVSS7.3AI score0.02298EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2019/03/10 12:0 a.m.255 views

Keepalived: Multiple vulnerabilities

Background Keepalived is a strong & robust keepalive facility to the Linux Virtual Server project. Description Multiple vulnerabilities have been discovered in keepalived. Please review the CVE identifiers referenced below for details. Impact A remote attacker could send a specially crafted reque...

9.8CVSS7.6AI score0.03746EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2017/01/02 12:0 a.m.242 views

memcached: Multiple vulnerabilities

Background memcached is a high-performance, distributed memory object caching system Description Multiple integer overflow vulnerabilities were discovered in memcached. Please review the CVE identifiers and Cisco TALOS reports referenced below for details. Impact A remote attacker could abuse...

9.8CVSS9.8AI score0.45703EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2019/03/20 12:0 a.m.229 views

OpenSSH: Multiple vulnerabilities

Background OpenSSH is a complete SSH protocol implementation that includes SFTP client and server support. Description Multiple vulnerabilities have been discovered in OpenSSH. Please review the CVE identifiers referenced below for details. Impact A remote attacker could overwrite arbitrary files...

6.8CVSS2.9AI score0.58204EPSS
Exploits10
Gentoo Linux
Gentoo Linux
added 2018/05/02 12:0 a.m.217 views

Python: Buffer overflow

Background Python is an interpreted, interactive, object-oriented programming language. Description A buffer overflow was discovered in Python’s PyStringDecodeEscape function in stringobject.c. Impact Remote attackers, by enticing a user to process a specially crafted file, could execute arbitrar...

9.8CVSS10AI score0.07944EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/05/02 12:0 a.m.215 views

hesiod: Root privilege escalation

Background DNS functionality to access to DB of information that changes infrequently. Description Multiple vulnerabilities have been discovered in hesiod that have remained unaddressed. Please review the referenced CVE identifiers for details. Impact A remote or local attacker may be able to...

10CVSS3.2AI score0.0683EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/03/10 12:0 a.m.210 views

Zsh: User-assisted execution of arbitrary code

Background A shell designed for interactive use, although it is also a powerful scripting language. Description Two input validation errors have been discovered in how Zsh parses scripts: Parsing a malformed shebang line could cause Zsh to call a program listed in the second line CVE-2018-0502...

9.8CVSS8.4AI score0.02723EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/01/17 12:0 a.m.209 views

rsync: Multiple vulnerabilities

Background File transfer program to keep remote files into sync. Description Multiple vulnerabilities have been discovered in rsync. Please review the CVE identifiers referenced below for details. Impact A remote attacker could bypass intended access restrictions or cause a Denial of Service...

9.8CVSS8.1AI score0.05163EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/11/15 12:0 a.m.209 views

xinetd: Privilege escalation

Background xinetd is a secure replacement for inetd. Description Xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root. Impact Attackers could escalate privileges outside of the running process. Workaround There is n...

7.6CVSS6.5AI score0.06391EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2018/11/23 12:0 a.m.202 views

Chromium: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Description Multiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the referenced CVE identifiers and Google Chrom...

9.6CVSS1.2AI score0.83898EPSS
Exploits10
Gentoo Linux
Gentoo Linux
added 2014/06/13 12:0 a.m.191 views

lighttpd: Multiple vulnerabilities

Background lighttpd is a lightweight high-performance web server. Description Multiple vulnerabilities have been discovered in lighttpd. Please review the CVE identifiers referenced below for details. Impact A remote attacker could create a Denial of Service condition. Futhermore, a remote attack...

9.8CVSS9.9AI score0.61665EPSS
Exploits18
Gentoo Linux
Gentoo Linux
added 2018/11/24 12:0 a.m.190 views

GPL Ghostscript: Multiple vulnerabilities

Background Ghostscript is an interpreter for the PostScript language and for PDF. Description Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for additional information. Impact A context-dependent attacker could entice a user to...

9.8CVSS3.4AI score0.92499EPSS
Exploits17
Gentoo Linux
Gentoo Linux
added 2022/08/04 12:0 a.m.188 views

Icinga Web 2: Multiple Vulnerabilities

Background Icinga Web 2 is a frontend for icinga2. Description Multiple vulnerabilities have been discovered in Icinga Web 2. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at...

8.8CVSS3.5AI score0.89378EPSS
Exploits14
Gentoo Linux
Gentoo Linux
added 2017/11/10 12:0 a.m.183 views

hostapd and wpa_supplicant: Key Reinstallation (KRACK) attacks

Background wpasupplicant is a WPA Supplicant with support for WPA and WPA2 IEEE 802.11i / RSN. hostapd is a user space daemon for access point and authentication servers. Description WiFi Protected Access WPA and WPA2 and it’s associated technologies are all vulnerable to the KRACK attacks. Pleas...

8.1CVSS7.8AI score0.04575EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2019/03/19 12:0 a.m.182 views

NTP: Multiple vulnerabilities

Background NTP contains software for the Network Time Protocol. Description Multiple vulnerabilities have been discovered in NTP. Please review the CVE identifiers referenced below for details. Impact An attacker could cause a Denial of Service condition, escalate privileges, or remotely execute...

9.8CVSS3.3AI score0.29037EPSS
Exploits7
Gentoo Linux
Gentoo Linux
added 2013/09/24 12:0 a.m.180 views

ProFTPD: Multiple vulnerabilities

Background ProFTPD is an advanced and very configurable FTP server. Description Multiple vulnerabilities have been discovered in ProFTPD. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker could possibly execute arbitrary code with the privileges o...

10CVSS8AI score0.91303EPSS
Exploits35
Gentoo Linux
Gentoo Linux
added 2018/11/24 12:0 a.m.179 views

Exiv2: Multiple vulnerabilities

Background Exiv2 is a C++ library and a command line utility to manage image metadata. Description Multiple vulnerabilities have been discovered in Exiv2. Please review the CVE identifiers referenced below for details. Impact A remote attacker could cause a Denial of Service condition or obtain...

9.8CVSS3.9AI score0.0296EPSS
Exploits18
Gentoo Linux
Gentoo Linux
added 2013/09/23 12:0 a.m.179 views

Apache HTTP Server: Multiple vulnerabilities

Background Apache HTTP Server is one of the most popular web servers on the Internet. Description Multiple vulnerabilities have been found in Apache HTTP Server. Please review the CVE identifiers and research paper referenced below for details. Impact A remote attacker could send a specially...

5.1CVSS7.8AI score0.71634EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2019/04/22 12:0 a.m.174 views

Apache: Privilege escalation

Background The Apache HTTP server is one of the most popular web servers on the Internet. Description A vulnerability was discovered in Apache with MPM event, worker, or prefork. Impact An attacker could escalate privileges. Workaround There is no known workaround at this time. Resolution All...

7.8CVSS2.2AI score0.65005EPSS
Exploits8
Gentoo Linux
Gentoo Linux
added 2019/03/14 12:0 a.m.174 views

BIND: Multiple vulnerabilities

Background BIND Berkeley Internet Name Domain is a Name Server. Description Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. Impact BIND can improperly permit recursive query service to unauthorized clients possibly resulting i...

7.5CVSS2.5AI score0.59353EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/03/10 12:0 a.m.174 views

Mozilla Firefox: Multiple vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla Project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to view a specially...

10CVSS4.7AI score0.12658EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2019/03/14 12:0 a.m.173 views

OpenSSL: Multiple vulnerabilities

Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 as well as a general purpose cryptography library. Description Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced...

5.9CVSS6.8AI score0.17139EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2018/11/24 12:0 a.m.173 views

Mozilla Thunderbird: Multiple vulnerabilities

Background Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the referenced Mozilla Foundation Security Advisories and CVE identifiers below for details. Impact A remo...

9.8CVSS3AI score0.21288EPSS
Exploits12
Gentoo Linux
Gentoo Linux
added 2019/03/10 12:0 a.m.172 views

cURL: Multiple vulnerabilities

Background A command line tool and library for transferring data with URLs. Description Multiple vulnerabilities have been discovered in cURL. Please review the CVE identifiers referenced below for details. Impact Remote attackers could cause a Denial of Service condition. Workaround There is no...

10CVSS3AI score0.12771EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2006/06/14 12:0 a.m.171 views

DokuWiki: PHP code injection

Background DokuWiki is a simple to use wiki targeted at developer teams, workgroups and small companies. Description Stefan Esser discovered that the DokuWiki spell checker fails to properly sanitize PHP's "complex curly syntax". Impact A unauthenticated remote attacker may execute arbitrary PHP...

7.5CVSS7.4AI score0.13925EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2019/06/06 12:0 a.m.169 views

Exim: Remote command execution

Background Exim is a message transfer agent MTA designed to be a a highly configurable, drop-in replacement for sendmail. Description A vulnerability was discovered in how Exim validates recipient addresses in the delivermessage function. Impact A remote attacker could execute arbitrary commands ...

10CVSS3.3AI score0.99961EPSS
Exploits27
Gentoo Linux
Gentoo Linux
added 2016/06/26 12:0 a.m.168 views

sudo: Unauthorized privilege escalation in sudoedit

Background sudo su “do” allows a system administrator to delegate authority to give certain users or groups of users the ability to run some or all commands as root or another user while providing an audit trail of the commands and their arguments. Description sudoedit in sudo is vulnerable to th...

7.2CVSS7.8AI score0.01458EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2019/03/14 12:0 a.m.167 views

XRootD: Remote code execution

Background A project that aims at giving high performance, scalable, and fault tolerant access to data repositories of many kinds. Description A shell command injection was discovered in XRootD. Impact A remote attacker could execute arbitrary code. Workaround There is no known workaround at this...

10CVSS3.3AI score0.06467EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/03/14 12:0 a.m.164 views

Oracle JDK/JRE: Multiple vulnerabilities

Background Java Platform, Standard Edition Java SE lets you develop and deploy Java applications on desktops and servers, as well as in today’s demanding embedded environments. Java offers the rich user interface, performance, versatility, portability, and security that today’s applications...

8.3CVSS8.9AI score0.15141EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/11/24 12:0 a.m.164 views

Asterisk: Multiple vulnerabilities

Background A Modular Open Source PBX System. Description Multiple vulnerabilities have been discovered in Asterisk. Please review the referenced CVE identifiers for details. Impact A remote attacker could cause a Denial of Service condition or conduct information gathering. Workaround There is no...

8.8CVSS3AI score0.75351EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/08/26 12:0 a.m.164 views

AutoTrace: Multiple vulnerabilities

Background AutoTrace converts bitmap to vector graphics. Description Heap-based buffer overflows have been discovered in the pstoeditsuffixtableinit and pnmloadrawpbm functions of AutoTrace. Impact Remote attackers, by enticing a user to process a crafted bmp image file, could cause a Denial of...

9.8CVSS4.8AI score0.02461EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/17 12:0 a.m.161 views

Apache: Multiple vulnerabilities

Background The Apache HTTP server is one of the most popular web servers on the Internet. Description Multiple vulnerabilities have been discovered in Apache. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaroun...

9.8CVSS2AI score0.68067EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/08/26 12:0 a.m.161 views

jbig2dec: User-assisted execution of arbitrary code

Background jbig2dec is a decoder implementation of the JBIG2 image compression format. Description Integer overflow errors have been discovered in the jbig2decodesymboldict, jbig2buildhuffmantable, and jbig2imagecompose functions of jbig2dec. Impact A remote attacker, by enticing a user to open a...

7.8CVSS6.1AI score0.01672EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/03/28 12:0 a.m.160 views

Apache: Multiple vulnerabilities

Background The Apache HTTP server is one of the most popular web servers on the Internet. Description Multiple vulnerabilities have been discovered in Apache. Please review the CVE identifiers referenced below for details. Impact A remote attacker can possibly cause a Denial of Service condition ...

9.8CVSS2AI score0.59942EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2022/09/29 12:0 a.m.159 views

Mozilla Thunderbird: Multiple Vulnerabilities

Background Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

8.8CVSS2.7AI score0.01342EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/03/15 12:0 a.m.155 views

runC: Multiple vulnerabilities

Background RunC is a CLI tool for spawning and running containers according to the OCI specification. Description Multiple vulnerabilities have been discovered in runC. Please review the CVE identifiers referenced below for details. Impact An attacker, by running a malicious Docker image, could...

9.3CVSS3.1AI score0.9857EPSS
Exploits34
Total number of security vulnerabilities3816