Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2016/12/31 12:0 a.m.52 views

Pillow: Multiple vulnerabilities

Background The friendly PIL fork. Description Multiple vulnerabilities have been discovered in Pillow. Please review the CVE identifiers referenced below for details. Impact A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the...

10CVSS8AI score0.07871EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2016/12/31 12:0 a.m.52 views

Icinga: Privilege escalation

Background Icinga is an open source computer system and network monitoring application. It was originally created as a fork of the Nagios system monitoring application in 2009. Description Icinga daemon was found to perform unsafe operations when handling the log file. Impact A local attacker, wh...

7.8CVSS8.4AI score0.04885EPSS
Exploits9
Gentoo Linux
Gentoo Linux
added 2016/12/31 12:0 a.m.52 views

Openfire: Multiple vulnerabilities

Background Openfire formerly Wildfire is a cross-platform real-time collaboration server based on the XMPP Jabber protocol. Description Multiple vulnerabilities have been discovered in Openfire. Please review the CVE identifiers referenced below for details. Impact A remote attacker could bypass...

6.8CVSS5.3AI score0.64818EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2016/12/13 12:0 a.m.52 views

Node.js: Multiple vulnerabilities

Background Node.js is a JavaScript runtime built on Chrome’s V8 JavaScript engine. Description Multiple vulnerabilities have been discovered in Node.js. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly cause a Denial of Service condition, or...

7.5CVSS7.8AI score0.07013EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/12/11 12:0 a.m.52 views

SoX: User-assisted execution of arbitrary code

Background SoX is a command line utility that can convert various formats of computer audio files in to other formats. Description A heap-based buffer overflow can be triggered when processing a malicious NIST Sphere or WAV audio file. Impact A remote attacker could coerce the victim to run SoX...

7.5CVSS7.1AI score0.07709EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2016/11/20 12:0 a.m.52 views

MIT Kerberos 5: Multiple vulnerabilities

Background MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. Description Multiple vulnerabilities have been discovered in MIT Kerberos 5. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly cause a Denial of...

7.1CVSS8.1AI score0.06243EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/11/15 12:0 a.m.52 views

tnftp: Arbitrary code execution

Background tnftp is a NetBSD FTP client with several advanced features. Description The fetchurl function in usr.bin/ftp/fetch.c allows remote attackers to execute arbitrary commands via a Impact A remote attacker could possibly execute arbitrary code with the privileges of the process. Workaroun...

7.5CVSS5.8AI score0.69115EPSS
Exploits8
Gentoo Linux
Gentoo Linux
added 2016/10/11 12:0 a.m.52 views

Subversion, Serf: Multiple Vulnerabilities

Background Subversion is a version control system intended to eventually replace CVS. Like CVS, it has an optional client-server architecture where the server can be an Apache server running modsvn, or an ssh program as in CVS’s :ext: method. In addition to supporting the features found in CVS,...

9CVSS8.3AI score0.57037EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/10/11 12:0 a.m.52 views

BIND: Multiple vulnerabilities

Background BIND Berkeley Internet Name Domain is a Name Server. Description Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. Impact A remote attacker could cause a Denial of Service condition through multiple attack vectors...

8.6CVSS7.8AI score0.89482EPSS
Exploits8
Gentoo Linux
Gentoo Linux
added 2015/09/24 12:0 a.m.52 views

cURL: Multiple vulnerabilities

Background cURL is a tool and libcurl is a library for transferring data with URL syntax. Description Multiple vulnerabilities have been discovered in cURL. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly obtain sensitive information, or cau...

9CVSS9.3AI score0.3763EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/09/24 12:0 a.m.52 views

Cacti: Multiple vulnerabilities

Background Cacti is a complete frontend to rrdtool Description Multiple vulnerabilities have been discovered in cacti. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, or cause a Deni...

7.5CVSS9.6AI score0.04957EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2015/08/15 12:0 a.m.52 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

10CVSS7.9AI score0.93688EPSS
Exploits10
Gentoo Linux
Gentoo Linux
added 2014/09/19 12:0 a.m.52 views

Chromium: Multiple vulnerabilities

Background Chromium is an open-source web browser project. Description Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to cause a Denial of Service condition or possibly have other...

7.5CVSS7.2AI score0.01452EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/06/26 12:0 a.m.52 views

spice-gtk: Privilege escalation

Background spice-gtk is a set of GObject and Gtk objects for connecting to Spice servers and a client GUI. Description spice-gtk does not properly sanitize the DBUSSYSTEMBUSADDRESS environment variable. Impact A local attacker may be able to gain escalated privileges. Workaround There is no known...

6.9CVSS6.4AI score0.01093EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2013/09/27 12:0 a.m.52 views

Mozilla Products: Multiple vulnerabilities

Background Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the ‘Mozilla...

10CVSS9.9AI score0.73364EPSS
Exploits60
Gentoo Linux
Gentoo Linux
added 2013/09/24 12:0 a.m.52 views

MoinMoin: Multiple vulnerabilities

Background MoinMoin is a Python WikiEngine. Description Multiple vulnerabilities have been discovered in MoinMoin. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to execute arbitrary code with the privileges of the process, overwrite arbitrary...

6.4CVSS6.8AI score0.30566EPSS
Exploits10
Gentoo Linux
Gentoo Linux
added 2012/10/18 12:0 a.m.52 views

MoinMoin: Multiple vulnerabilities

Background MoinMoin is a Python WikiEngine. Description Multiple vulnerabilities have been discovered in MoinMoin. Please review the CVE identifiers referenced below for details. Impact These vulnerabilities in MoinMoin allow remote users to inject arbitrary web script or HTML, to obtain sensitiv...

7.5CVSS6.8AI score0.02657EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2010/06/01 12:0 a.m.52 views

SILC: Multiple vulnerabilities

Background SILC Secure Internet Live Conferencing protocol Toolkit is a software development kit for use in clients, and SILC Client is an IRSSI-based text client. Description Multiple vulnerabilities were discovered in SILC Toolkit and SILC Client. For further information please consult the CVE...

7.5CVSS7.3AI score0.04827EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2009/04/23 12:0 a.m.52 views

CUPS: Multiple vulnerabilities

Background CUPS, the Common Unix Printing System, is a full-featured print server. Description The following issues were reported in CUPS: iDefense reported an integer overflow in the cupsImageReadTIFF function in the "imagetops" filter, leading to a heap-based buffer overflow CVE-2009-0163. Aaro...

6.8CVSS8.5AI score0.04246EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2008/12/14 12:0 a.m.52 views

Dovecot: Multiple vulnerabilities

Background Dovecot is an IMAP and POP3 server written with security primarily in mind. Description Several vulnerabilities were found in Dovecot: The "k" right in the aclplugin does not work as expected CVE-2008-4577, CVE-2008-4578 The dovecot.conf is world-readable, providing improper protection...

7.5CVSS7.9AI score0.06203EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2008/04/18 12:0 a.m.52 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the popular SWF file format, which is commonly used to provide interactive websites, digital experiences and mobile content. Description Multiple vulnerabilities have been discovered in Adobe Flash: Secunia Research and Zero Day Initiative...

9.3CVSS8.3AI score0.92501EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2008/03/24 12:0 a.m.52 views

MIT Kerberos 5: Multiple vulnerabilities

Background MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. kadmind is the MIT Kerberos 5 administration daemon, KDC is the Key Distribution Center. Description Two vulnerabilities were found in the Kerberos 4 support in KDC: A global variable is not set for...

10CVSS10AI score0.10141EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2008/03/04 12:0 a.m.52 views

Win32 binary codecs: Multiple vulnerabilities

Background Win32 binary codecs provide support for video and audio playback. Description Multiple buffer overflow, heap overflow, and integer overflow vulnerabilities were discovered in the Quicktime plugin when processing MOV, FLC, SGI, H.264 and FPX files. Impact A remote attacker could entice ...

9.3CVSS7.6AI score0.41916EPSS
Exploits12
Gentoo Linux
Gentoo Linux
added 2007/08/14 12:0 a.m.52 views

Mozilla products: Multiple vulnerabilities

Background Mozilla Firefox is an open-source web browser from the Mozilla Project, and Mozilla Thunderbird an email client. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the 'Mozilla Application Suite'...

9.3CVSS6.4AI score0.05447EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2005/12/12 12:0 a.m.52 views

Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation

Background Openswan is an implementation of IPsec for Linux. IPsec-Tools is a port of KAME's implementation of the IPsec utilities, including racoon, an Internet Key Exchange daemon. Internet Key Exchange version 1 IKEv1, a derivate of ISAKMP, is an important part of IPsec. IPsec is widely used t...

7.8CVSS6.3AI score0.07453EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2005/08/24 12:0 a.m.52 views

TikiWiki, eGroupWare: Arbitrary command execution through XML-RPC

Background TikiWiki is a full featured Free Software Wiki, CMS and Groupware written in PHP. eGroupWare is a web-based collaboration software suite. Both TikiWiki and eGroupWare include a PHP library to handle XML-RPC requests. Description The XML-RPC library shipped in TikiWiki and eGroupWare...

7.5CVSS6.6AI score0.05091EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2005/07/13 12:0 a.m.52 views

Bugzilla: Unauthorized access and information disclosure

Background Bugzilla is a web-based bug-tracking system used by many projects. Description Bugzilla allows any user to modify the flags of any bug CAN-2005-2173. Bugzilla inserts bugs into the database before marking them as private, in connection with MySQL replication this could lead to a race...

5CVSS6.3AI score0.00928EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/12/19 12:0 a.m.52 views

kdelibs, kdebase: Multiple vulnerabilities

Background KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. The KDE core libraries kdebase and kdelibs provide native support for many protocols. Konqueror is the KDE web browser and filemanager. Description Daniel Fabian discovered that the KDE core...

7.5CVSS3AI score0.0272EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2004/09/22 12:0 a.m.52 views

FreeRADIUS: Multiple Denial of Service vulnerabilities

Background FreeRADIUS is an open source RADIUS authentication server implementation. Description There are undisclosed defects in the way FreeRADIUS handles incorrect received packets. Impact A remote attacker could send specially-crafted packets to the FreeRADIUS server to deny service to other...

5CVSS6.6AI score0.03651EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/03/28 12:0 a.m.52 views

Multiple remote overflows and vulnerabilities in Ethereal

Background Quote from http://www.ethereal.com "Ethereal is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in...

7.5CVSS7.9AI score0.67092EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2023/09/29 12:0 a.m.51 views

Pacemaker: Multiple Vulnerabilities

Background Pacemaker is an Open Source, High Availability resource manager suitable for both small and large clusters. Description Multiple vulnerabilities have been discovered in Pacemaker. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...

9CVSS7.4AI score0.02002EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2023/05/30 12:0 a.m.51 views

squashfs-tools: Multiple Vulnerabilities

Background Squashfs is a compressed read-only filesystem for Linux. Squashfs is intended for general read-only filesystem use, for archival use i.e. in cases where a .tar.gz file may be used, and in constrained block device/memory systems e.g. embedded systems where low overhead is needed...

8.1CVSS7.3AI score0.025EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2023/01/11 12:0 a.m.51 views

Mbed TLS: Multiple Vulnerabilities

Background Mbed TLS previously PolarSSL is an “easy to understand, use, integrate and expand” implementation of the TLS and SSL protocols and the respective cryptographic algorithms and support code required. Description Multiple vulnerabilities have been discovered in Mbed TLS. Please review the...

9.8CVSS7.6AI score0.02569EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2022/10/31 12:0 a.m.51 views

libgcrypt: Multiple Vulnerabilities

Background libgcrypt is a general purpose cryptographic library derived out of GnuPG. Description Multiple vulnerabilities have been discovered in libgcrypt. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround...

7.5CVSS7.7AI score0.02342EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2022/10/16 12:0 a.m.51 views

libxml2: Multiple Vulnerabilities

Background libxml2 is the XML C parser and toolkit developed for the GNOME project. Description Multiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround The...

7.5CVSS2.5AI score0.0601EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2021/05/26 12:0 a.m.51 views

Dnsmasq: DNS cache poisoning

Background Dnsmasq is a lightweight and easily-configurable DNS forwarder and DHCP server. Description It was discovered that Dnsmasq, when configured with --server=@ or similar e.g. through dbus, configured a fixed UDP port for all outgoing queries to the specified upstream DNS server. Impact An...

4.3CVSS5AI score0.01988EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2021/05/26 12:0 a.m.51 views

Ceph: Multiple vulnerabilities

Background Ceph is a distributed network file system designed to provide excellent performance, reliability, and scalability. Description Multiple vulnerabilities have been discovered in Ceph. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...

8.8CVSS2.8AI score0.0211EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/04/30 12:0 a.m.51 views

Git: User-assisted execution of arbitrary code

Background Git is a distributed version control system designed. Description It was discovered that Git could be fooled into running remote code during a clone on case-insensitive file systems with support for symbolic links, if Git is configured globally to apply delay-capable clean/smudge filte...

8CVSS8.2AI score0.88644EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2021/01/22 12:0 a.m.51 views

KDE Connect: Denial of service

Background KDE Connect is a project that enables all your devices to communicate with each other. Description Multiple issues causing excessive resource consumption were found in KDE Connect. Impact An attacker could cause a possible Denial of Service condition. Workaround There is no known...

5.5CVSS3.5AI score0.00551EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/10/20 12:0 a.m.51 views

Ark: Arbitrary code execution

Background Ark is a graphical file compression/decompression utility with support for multiple formats. Description It was discovered that Ark incorrectly handled symbolic links in tar archive files. Impact A remote attacker could entice a user to open a specially crafted archive using Ark,...

4.3CVSS3.5AI score0.01496EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/08/27 12:0 a.m.51 views

Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla Project. Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox and Mozilla Thunderbird. Please review the CVE...

8.8CVSS2.9AI score0.01378EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/07/31 12:0 a.m.51 views

WebKitGTK+: Multiple vulnerabilities

Background WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Description Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE...

9.8CVSS1.9AI score0.04138EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/07/27 12:0 a.m.51 views

Libreswan: Denial of service

Background Libreswan is a free software implementation of the most widely supported and standarized VPN protocol based on “IPsec” and the Internet Key Exchange “IKE”. Description As a result of a bug in handling certain bogus encrypted IKEv1, while building a log message that the packet has been...

7.5CVSS7.7AI score0.03288EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/06/15 12:0 a.m.51 views

json-c: Multiple vulnerabilities

Background json-c is a JSON implementation in C. Description Multiple vulnerabilities have been discovered in json-c. Please review the CVE identifiers referenced below for details. Impact A remote/local attacker could send a specially crafted file possibly resulting in a Denial of Service...

7.8CVSS8.3AI score0.01888EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/05/14 12:0 a.m.51 views

VLC: Buffer overflow

Background VLC is a cross-platform media player and streaming server. Description A buffer overflow in DecodeBlock in sdlimage.c was discovered. Impact A remote user could craft a specifically crafted image file that could execute arbitrary code or cause denial of service. Workaround The user...

7.8CVSS5.1AI score0.01925EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2017/10/29 12:0 a.m.51 views

Oracle JDK/JRE: Multiple vulnerabilities

Background Java Platform, Standard Edition Java SE lets you develop and deploy Java applications on desktops and servers, as well as in today’s demanding embedded environments. Java offers the rich user interface, performance, versatility, portability, and security that today’s applications...

9.6CVSS8.1AI score0.16181EPSS
Exploits8
Gentoo Linux
Gentoo Linux
added 2017/08/17 12:0 a.m.51 views

TNEF: Multiple vulnerabilities

Background TNEF is a program for unpacking MIME attachments of type “application/ms-tnef”. Description Multiple vulnerabilities have been discovered in TNEF. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to process a specially crafted...

9.8CVSS8.4AI score0.01934EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/05/18 12:0 a.m.51 views

GStreamer plug-ins: User-assisted execution of arbitrary code

Background The GStreamer plug-ins provide decoders to the GStreamer open source media framework. Description Multiple vulnerabilities have been discovered in various GStreamer plug-ins. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user or...

9.8CVSS8.1AI score0.09267EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2017/02/19 12:0 a.m.51 views

NTFS-3G: Privilege escalation

Background NTFS-3G is a stable, full-featured, read-write NTFS driver for various operating systems. Description The NTFS-3G driver does not properly clear environment variables before invoking mount or umount. This flaw is similar to the vulnerability described in “GLSA-201701-19” and...

7.8CVSS7.8AI score0.02277EPSS
Exploits9
Gentoo Linux
Gentoo Linux
added 2017/01/21 12:0 a.m.51 views

Quagga: Multiple vulnerabilities

Background Quagga is a free routing daemon replacing Zebra supporting RIP, OSPF and BGP. Description Multiple vulnerabilities have been discovered in Quagga. Please review the CVE identifiers referenced below for details. Impact A remote attacker could send a specially crafted packet possibly...

9.8CVSS9.6AI score0.04642EPSS
Exploits0
Total number of security vulnerabilities3816