Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
•added 2020/07/31 12:0 a.m.•53 views

Mozilla Thunderbird: Multiple vulnerabilities

Background Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

9.3CVSS2.7AI score0.0779EPSS
Exploits6
Gentoo Linux
Gentoo Linux
•added 2020/07/27 12:0 a.m.•53 views

Icinga: Root privilege escalation

Background Icinga is an open source computer system and network monitoring application. It was originally created as a fork of the Nagios system monitoring application in 2009. Description It was discovered that Icinga’s installed files have insecure permissions, possibly allowing root privilege...

7.8CVSS7.8AI score0.00311EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2019/08/15 12:0 a.m.•53 views

CUPS: Multiple vulnerabilities

Background CUPS, the Common Unix Printing System, is a full-featured print server. Description Multiple vulnerabilities have been discovered in CUPS. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There i...

9.3CVSS2.8AI score0.00878EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2018/01/17 12:0 a.m.•53 views

Poppler: Multiple vulnerabilities

Background Poppler is a PDF rendering library based on the xpdf-3.0 code base. Description Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. Impact A remote attacker, by enticing a user to open a specially crafted PDF, could...

8.8CVSS7.9AI score0.04415EPSS
Exploits3
Gentoo Linux
Gentoo Linux
•added 2017/11/11 12:0 a.m.•53 views

LXC: Remote security bypass

Background LinuX Containers userspace utilities Description Previous versions of lxc-attach ran a shell or the specified command without allocating a pseudo terminal making it vulnerable to input faking via a TIOCSTI ioctl call. Impact Remote attackers can escape the container and perform...

8.6CVSS8.6AI score0.01531EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2017/05/07 12:0 a.m.•53 views

Chromium: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Description Multiple vulnerabilities have been discovered in the Chromium web browser. Please review the CVE identifiers referenced below for details...

8.8CVSS8.7AI score0.03362EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2017/01/23 12:0 a.m.•53 views

DirectFB: Multiple vulnerabilities

Background DirectFB Direct Frame Buffer is a set of graphics APIs implemented on top of the Linux Frame Buffer fbdev abstraction layer. Description Multiple vulnerabilities have been discovered in DirectFB. Please review the CVE identifiers referenced below for details. Impact Remote attackers...

10CVSS7.5AI score0.06776EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2017/01/17 12:0 a.m.•53 views

file: Multiple vulnerabilities

Background file is a utility that guesses a file format by scanning binary data for patterns. Description Multiple vulnerabilities have been discovered in file. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user or automated system to...

7.5CVSS9.1AI score0.14013EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2017/01/11 12:0 a.m.•53 views

flex: Potential insecure code generation

Background flex is a programming tool used to generate scanners programs which recognize lexical patterns in text. Description A heap-based buffer overflow in the yygetnextbuffer function in Flex might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary co...

9.8CVSS5AI score0.08767EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2016/11/15 12:0 a.m.•53 views

Xen: Multiple vulnerabilities

Background Xen is a bare-metal hypervisor. Description Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact A malicious guest administrator could escalate their privileges on the host system or cause a Denial of Service...

8.8CVSS3.4AI score0.00425EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2016/10/06 12:0 a.m.•53 views

Groovy: Arbitrary code execution

Background A multi-faceted language for the Java platform Description Groovy’s MethodClosure class, in runtime/MethodClosure.java, is vulnerable to a crafted serialized object. Impact Remote attackers could potentially execute arbitrary code, or cause Denial of Service condition Workaround A...

9.8CVSS8.1AI score0.42983EPSS
Exploits4
Gentoo Linux
Gentoo Linux
•added 2016/07/20 12:0 a.m.•53 views

Commons-BeanUtils: Arbitrary code execution

Background Commons-beanutils provides easy-to-use wrappers around Reflection and Introspection APIs Description Apache Commons BeanUtils does not suppress the class property, which allows for the manipulation of the ClassLoader. Impact Remote attackers could potentially execute arbitrary code wit...

7.5CVSS9.4AI score0.96121EPSS
Exploits4
Gentoo Linux
Gentoo Linux
•added 2014/12/15 12:0 a.m.•53 views

Apache Tomcat: Multiple vulnerabilities

Background Apache Tomcat is a Servlet-3.0/JSP-2.2 Container. Description Multiple vulnerabilities have been discovered in Tomcat. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to cause a Denial of Service condition as well as obtain sensitive...

7.5CVSS7.8AI score0.83175EPSS
Exploits24
Gentoo Linux
Gentoo Linux
•added 2014/06/22 12:0 a.m.•53 views

nginx: Arbitrary code execution

Background nginx is a robust, small, and high performance HTTP and reverse proxy server. Description A bug in the SPDY implementation in nginx was found which might cause a heap memory buffer overflow in a worker process by using a specially crafted request. The SPDY implementation is not enabled...

7.5CVSS9.6AI score0.09293EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2014/05/03 12:0 a.m.•53 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

10CVSS7.5AI score0.94569EPSS
Exploits17
Gentoo Linux
Gentoo Linux
•added 2014/01/21 12:0 a.m.•53 views

sudo: Privilege escalation

Background sudo allows a system administrator to give users the ability to run commands as other users. Access to commands may also be granted on a range to hosts. Description Multiple vulnerabilities have been found in sudo: sudo does not correctly validate the controlling terminal on a system...

6.9CVSS8.4AI score0.03176EPSS
Exploits8
Gentoo Linux
Gentoo Linux
•added 2013/11/28 12:0 a.m.•53 views

Perl: Multiple vulnerabilities

Background Perl is Larry Wall’s Practical Extraction and Report Language. Description Multiple vulnerabilities have been discovered in Perl. Please review the CVE identifiers referenced below for details. Impact A local attacker could cause a Denial of Service condition or perform symlink attacks...

6.9CVSS8.4AI score0.08878EPSS
Exploits6
Gentoo Linux
Gentoo Linux
•added 2013/11/13 12:0 a.m.•53 views

FreeRADIUS: Multiple vulnerabilities

Background FreeRADIUS is an open source RADIUS authentication server. Description Multiple vulnerabilities have been discovered in FreeRADIUS. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the...

6.8CVSS7.9AI score0.0565EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2012/04/17 12:0 a.m.•53 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

10CVSS10AI score0.9203EPSS
Exploits17
Gentoo Linux
Gentoo Linux
•added 2011/10/22 12:0 a.m.•53 views

Cyrus IMAP Server: Multiple vulnerabilities

Background The Cyrus IMAP Server is an efficient, highly-scalable IMAP e-mail server. Description Multiple vulnerabilities have been discovered in the Cyrus IMAP Server. Please review the CVE identifiers referenced below for details. Impact An unauthenticated local or remote attacker may be able ...

7.5CVSS6.8AI score0.05365EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2011/10/09 12:0 a.m.•53 views

Wireshark: Multiple vulnerabilities

Background Wireshark is a versatile network protocol analyzer. Description Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact A remote attacker could send specially crafted packets on a network being monitored by...

10CVSS7.3AI score0.41744EPSS
Exploits46
Gentoo Linux
Gentoo Linux
•added 2008/03/10 12:0 a.m.•53 views

PDFlib: Multiple buffer overflows

Background PDFlib is a library for generating PDF on the fly. Description poplix reported multiple boundary errors in the pdcfsearchfopen function when processing overly long filenames. Impact A remote attacker could send specially crafted content to a vulnerable application using PDFlib, possibl...

5.7CVSS7.1AI score0.06674EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2007/11/01 12:0 a.m.•53 views

OpenSSH: Security bypass

Background OpenSSH is a complete SSH protocol implementation that includes an SFTP client and server support. Description Jan Pechanec discovered that OpenSSH uses a trusted X11 cookie when it cannot create an untrusted one. Impact An attacker could bypass the SSH client security policy and gain...

7.5CVSS6.6AI score0.02374EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2006/10/16 12:0 a.m.•53 views

Seamonkey: Multiple vulnerabilities

Background The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as 'Mozilla Application Suite'. Description A number of vulnerabilities have been found and fixed in Seamonkey. For details please consult the referenc...

10CVSS7.2AI score0.14074EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2005/03/25 12:0 a.m.•53 views

Mozilla Suite: Multiple vulnerabilities

Background The Mozilla Suite is a popular all-in-one web browser that includes a mail and news reader. Description The following vulnerabilities were found and fixed in the Mozilla Suite: Mark Dowd from ISS X-Force reported an exploitable heap overrun in the GIF processing of obsolete Netscape...

7.5CVSS7.3AI score0.20398EPSS
Exploits11
Gentoo Linux
Gentoo Linux
•added 2004/09/20 12:0 a.m.•53 views

Mozilla, Firefox, Thunderbird, Epiphany: New releases fix vulnerabilities

Background Mozilla is a popular web browser that includes a mail and newsreader. Epiphany is a web browser that uses Gecko, the Mozilla rendering engine. Mozilla Firefox and Mozilla Thunderbird are respectively the next-generation browser and mail client from the Mozilla project. Description...

10CVSS7.1AI score0.10139EPSS
Exploits3
Gentoo Linux
Gentoo Linux
•added 2004/05/26 12:0 a.m.•53 views

Apache 1.3: Multiple vulnerabilities

Background The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems. The goal of this project is to provide a secure, efficient and extensible server that provides services in tune with the current HTTP standards. Description On...

7.5CVSS7AI score0.11549EPSS
Exploits7
Gentoo Linux
Gentoo Linux
•added 2024/05/05 12:0 a.m.•52 views

Apache Commons BCEL: Remote Code Execution

Background The Byte Code Engineering Library Apache Commons BCEL™ is intended to give users a convenient way to analyze, create, and manipulate binary Java class files those ending with .class. Description A vulnerability has been discovered in U-Boot tools. Please review the CVE identifier...

9.8CVSS8.2AI score0.17673EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2024/01/07 12:0 a.m.•52 views

Mozilla Firefox: Multiple Vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

9.8CVSS7.9AI score0.99735EPSS
Exploits11
Gentoo Linux
Gentoo Linux
•added 2023/05/30 12:0 a.m.•52 views

OpenImageIO: Multiple Vulnerabilities

Background OpenImageIO is a library for reading and writing images. Description Multiple vulnerabilities have been discovered in OpenImageIO. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no kno...

9.8CVSS7.4AI score0.01962EPSS
Exploits26
Gentoo Linux
Gentoo Linux
•added 2023/01/11 12:0 a.m.•52 views

NTFS-3G: Multiple Vulnerabilities

Background NTFS-3G is a stable, full-featured, read-write NTFS driver for various operating systems. Description Multiple vulnerabilities have been discovered in NTFS-3G. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for detail...

7.8CVSS7.7AI score0.00488EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2023/01/11 12:0 a.m.•52 views

protobuf-java: Denial of Service

Background protobuf-java contains the Java bindings for Google's Protocol Buffers. Description Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back and forth between mutable and immutable forms, resulting in...

7.5CVSS3.8AI score0.01048EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2022/12/19 12:0 a.m.•52 views

curl: Multiple Vulnerabilities

Background A command line tool and library for transferring data with URLs. Description Multiple vulnerabilities have been discovered in curl. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

9.8CVSS7.7AI score0.3197EPSS
Exploits23
Gentoo Linux
Gentoo Linux
•added 2022/10/31 12:0 a.m.•52 views

Lighttpd: Denial of Service

Background Lighttpd is a lightweight high-performance web server. Description Lighttpd's modwstunnel does not initialize a handler function pointer if an invalid HTTP request websocket handshake is received. Impact An attacker can trigger a denial of service via making Lighttpd try to call an...

7.5CVSS1.6AI score0.02714EPSS
Exploits5
Gentoo Linux
Gentoo Linux
•added 2022/08/14 12:0 a.m.•52 views

libarchive: Multiple Vulnerabilities

Background libarchive is a library for manipulating different streaming archive formats, including certain tar variants, several cpio formats, and both BSD and GNU ar variants. Description Multiple vulnerabilities have been discovered in libarchive. Please review the CVE identifiers referenced...

7.8CVSS3AI score0.02845EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2021/05/26 12:0 a.m.•52 views

Nettle: Denial of service

Background Nettle is a cryptographic library that is designed to fit easily in almost any context: In cryptographic toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like lsh or GnuPG, or even in kernel space. Description It was discovered that Nettle incorrect...

8.1CVSS8.1AI score0.01607EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2020/08/08 12:0 a.m.•52 views

Ark: Arbitrary code execution

Background Ark is a graphical file compression/decompression utility with support for multiple formats. Description A maliciously crafted archive with “../” in the file paths could install files anywhere in the user’s home directory upon extraction. Impact A remote attacker could entice a user to...

4.3CVSS4.4AI score0.01706EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2020/07/28 12:0 a.m.•52 views

rsync: Multiple vulnerabilities

Background File transfer program to keep remote files into sync. Description Multiple vulnerabilities have been discovered in rsync within bundled zlib. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround Ther...

9.8CVSS2.4AI score0.07489EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2020/07/27 12:0 a.m.•52 views

OCaml: Arbitrary code execution

Background OCaml is a high-level, strongly-typed, functional, and object-oriented programming language from the ML family of languages Description The camlbadeserialize function in byterun/bigarray.c in the standard library of OCaml has an integer overflow. Impact A remote attacker could possibly...

9.8CVSS5.2AI score0.04216EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2020/07/27 12:0 a.m.•52 views

Sarg: Local privilege escalation

Background Sarg Squid Analysis Report Generator is a tool that provides many informations about the Squid web proxy server users activities: time, sites, traffic, etc. Description A flaw in Sarg’s handling of temporary directories was discovered. Impact A local attacker may be able to escalate...

7CVSS6.8AI score0.0025EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2020/07/27 12:0 a.m.•52 views

rssh: Multiple vulnerabilities

Background rssh is a restricted shell, allowing only a few commands like scp or sftp. It is often used as a complement to OpenSSH to provide limited access to users. Description Multiple vulnerabilities have been discovered in rssh. Please review the CVE identifiers referenced below for details...

9.8CVSS1.8AI score0.04869EPSS
Exploits5
Gentoo Linux
Gentoo Linux
•added 2020/07/27 12:0 a.m.•52 views

spice: Arbitrary code execution

Background Provides a complete open source solution for remote access to virtual machines in a seamless way so you can play videos, record audio, share USB devices, and share folders without complications. Description A flaw in spice’s memory handling code has been discovered, allowing an out of...

7.5CVSS8.2AI score0.01208EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2020/03/26 12:0 a.m.•52 views

Adobe Flash Player: Remote execution of arbitrary code

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description A critical type confusion vulnerability was discovered in Adobe Flash Player. Impact A remote attacker could possibly execute arbitrary code with the...

9.3CVSS3.7AI score0.0978EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2017/11/11 12:0 a.m.•52 views

GNU Wget: Multiple vulnerabilities

Background GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the most widely-used Internet protocols. Description Multiple vulnerabilities have been discovered in Wget. Please review the referenced CVE identifiers for details. Impact A remote attacker, by enticin...

9.3CVSS9.6AI score0.79855EPSS
Exploits3
Gentoo Linux
Gentoo Linux
•added 2017/06/06 12:0 a.m.•52 views

FileZilla: Buffer overflow

Background FileZilla is an open source FTP client. Description FileZilla is affected by the same vulnerability as reported in “GLSA 201703-03” because the package included a vulnerable copy of PuTTY. Please read the GLSA for PuTTY referenced below for details. Impact A remote attacker, utilizing...

9.8CVSS9.8AI score0.21816EPSS
Exploits4
Gentoo Linux
Gentoo Linux
•added 2017/06/06 12:0 a.m.•52 views

FreeType: Multiple vulnerabilities

Background FreeType is a high-quality and portable font engine. Description Multiple vulnerabilities have been discovered in FreeType. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to use a specially crafted font file using FreeType,...

9.8CVSS9.7AI score0.04188EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2017/02/20 12:0 a.m.•52 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

9.3CVSS9.2AI score0.32676EPSS
Exploits32
Gentoo Linux
Gentoo Linux
•added 2017/01/17 12:0 a.m.•52 views

Pidgin: Multiple vulnerabilities

Background Pidgin is a client for a variety of instant messaging protocols. Description Multiple vulnerabilities have been discovered in Pidgin. Please review the CVE identifiers referenced below for details. Impact A remote attacker might send specially crafted data using the MXit protocol,...

9.8CVSS8.1AI score0.04554EPSS
Exploits17
Gentoo Linux
Gentoo Linux
•added 2016/12/31 12:0 a.m.•52 views

Pillow: Multiple vulnerabilities

Background The friendly PIL fork. Description Multiple vulnerabilities have been discovered in Pillow. Please review the CVE identifiers referenced below for details. Impact A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the...

10CVSS8AI score0.07871EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2016/12/31 12:0 a.m.•52 views

Openfire: Multiple vulnerabilities

Background Openfire formerly Wildfire is a cross-platform real-time collaboration server based on the XMPP Jabber protocol. Description Multiple vulnerabilities have been discovered in Openfire. Please review the CVE identifiers referenced below for details. Impact A remote attacker could bypass...

6.8CVSS5.3AI score0.64818EPSS
Exploits6
Total number of security vulnerabilities3816