Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2008/07/21 12:0 a.m.51 views

BitchX: Multiple vulnerabilities

Background BitchX is an IRC client. Description bannedit reported a boundary error when handling overly long IRC MODE messages CVE-2007-4584. Nico Golde reported an insecure creation of a temporary file within the ehostname function CVE-2007-5839. Impact A remote attacker could entice a user to...

10CVSS6.8AI score0.14686EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2007/08/16 12:0 a.m.51 views

Lighttpd: Multiple vulnerabilities

Background Lighttpd is a lightweight HTTP web server. Description Stefan Esser discovered errors with evidence of memory corruption in the code parsing the headers. Several independent researchers also reported errors involving the handling of HTTP headers, the modauth and modscgi modules, and th...

8.3CVSS7.3AI score0.08072EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2006/11/17 12:0 a.m.51 views

libpng: Denial of service

Background libpng is a free ANSI C library used to process and manipulate PNG images. Description Tavis Ormandy of the Gentoo Linux Security Audit Team discovered that a vulnerability exists in the sPLT chunk handling code of libpng, a large sPLT chunk may cause an application to attempt to read...

2.6CVSS6.4AI score0.01729EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2006/08/03 12:0 a.m.51 views

Mozilla Firefox: Multiple vulnerabilities

Background Mozilla Firefox is a redesign of the Mozilla Navigator component. The goal is to produce a cross-platform stand-alone browser application. Description The following vulnerabilities have been reported: Benjamin Smedberg discovered that chrome URL's could be made to reference remote file...

7.5CVSS7.3AI score0.78359EPSS
Exploits11
Gentoo Linux
Gentoo Linux
added 2006/01/04 12:0 a.m.51 views

KPdf, KWord: Multiple overflows in included Xpdf code

Background KPdf is a KDE-based PDF viewer included in the kdegraphics package. KWord is a KDE-based word processor also included in the koffice package. Description KPdf and KWord both include Xpdf code to handle PDF files. This Xpdf code is vulnerable to several heap overflows GLSA 200512-08 as...

10CVSS9.2AI score0.0614EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2005/09/17 12:0 a.m.51 views

Py2Play: Remote execution of arbitrary Python code

Background Py2Play is a peer-to-peer network game engine written in Python. Pickling is a Python feature allowing to serialize Python objects into string representations called pickles that can be sent over the network. Description Arc Riley discovered that Py2Play uses Python pickles to send...

7.5CVSS6.8AI score0.0189EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2005/09/05 12:0 a.m.51 views

OpenTTD: Format string vulnerabilities

Background OpenTTD is an open source clone of the simulation game "Transport Tycoon Deluxe" by Microprose. Description Alexey Dobriyan discovered several format string vulnerabilities in OpenTTD. Impact A remote attacker could exploit these vulnerabilities to crash the OpenTTD server or client an...

7.5CVSS7.5AI score0.02916EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/05/13 12:0 a.m.51 views

Utempter symlink vulnerability

Background Utempter is an application that allows non-privileged apps to write utmp login info, which otherwise needs root access. Description Utempter contains a vulnerability that may allow local users to overwrite arbitrary files via a symlink attack. Impact This vulnerability may allow...

2.1CVSS6.3AI score0.01095EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2004/04/19 12:0 a.m.51 views

Multiple format string vulnerabilities in cadaver

Background According to http://www.webdav.org/cadaver, cadaver is a command-line WebDAV client for Unix. It supports file upload, download, on-screen display, namespace operations move/copy, collection creation and deletion, and locking operations. Description Cadaver code includes the neon...

6.8CVSS7.2AI score0.11056EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2023/12/23 12:0 a.m.50 views

FFmpeg: Multiple Vulnerabilities

Background FFmpeg is a complete solution to record, convert and stream audio and video. Description Multiple vulnerabilities have been discovered in FFmpeg. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround...

9.8CVSS7.3AI score0.0347EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2023/05/30 12:0 a.m.50 views

squashfs-tools: Multiple Vulnerabilities

Background Squashfs is a compressed read-only filesystem for Linux. Squashfs is intended for general read-only filesystem use, for archival use i.e. in cases where a .tar.gz file may be used, and in constrained block device/memory systems e.g. embedded systems where low overhead is needed...

8.1CVSS7.3AI score0.025EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2022/10/16 12:0 a.m.50 views

libxml2: Multiple Vulnerabilities

Background libxml2 is the XML C parser and toolkit developed for the GNOME project. Description Multiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround The...

7.5CVSS2.5AI score0.0601EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2020/11/11 12:0 a.m.50 views

Wireshark: Multiple vulnerabilities

Background Wireshark is a network protocol analyzer formerly known as ethereal. Description Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There...

7.5CVSS3.4AI score0.03116EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/10/20 12:0 a.m.50 views

Ark: Arbitrary code execution

Background Ark is a graphical file compression/decompression utility with support for multiple formats. Description It was discovered that Ark incorrectly handled symbolic links in tar archive files. Impact A remote attacker could entice a user to open a specially crafted archive using Ark,...

4.3CVSS3.5AI score0.01496EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/10/20 12:0 a.m.50 views

libjpeg-turbo: Information disclosure

Background libjpeg-turbo is a MMX, SSE, and SSE2 SIMD accelerated JPEG library. Description It was discovered that libjpeg-turbo incorrectly handled certain PPM files. Impact A remote attacker could entice a user to open a specially crafted PPM file using an application linked against...

8.1CVSS2.9AI score0.03205EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/09/29 12:0 a.m.50 views

Xen: Buffer overflow

Background Xen is a bare-metal hypervisor. Description An out-of-bounds read/write access issue was found in the USB emulator when using QEMU. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition. Workaround There...

5CVSS4.1AI score0.05447EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/08/27 12:0 a.m.50 views

Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla Project. Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox and Mozilla Thunderbird. Please review the CVE...

8.8CVSS2.9AI score0.01378EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/07/31 12:0 a.m.50 views

WebKitGTK+: Multiple vulnerabilities

Background WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Description Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE...

9.8CVSS1.9AI score0.04138EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/07/27 12:0 a.m.50 views

GLib Networking: Improper certificate validation

Background Network-related giomodules for glib Description GTlsClientConnection skips hostname verification of the server’s TLS certificate if the application fails to specify the expected server identity. Impact There may be a breach of integrity or confidentiality in connections made using GLib...

6.5CVSS6.9AI score0.01933EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/07/27 12:0 a.m.50 views

Libreswan: Denial of service

Background Libreswan is a free software implementation of the most widely supported and standarized VPN protocol based on “IPsec” and the Internet Key Exchange “IKE”. Description As a result of a bug in handling certain bogus encrypted IKEv1, while building a log message that the packet has been...

7.5CVSS7.7AI score0.03288EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/06/15 12:0 a.m.50 views

json-c: Multiple vulnerabilities

Background json-c is a JSON implementation in C. Description Multiple vulnerabilities have been discovered in json-c. Please review the CVE identifiers referenced below for details. Impact A remote/local attacker could send a specially crafted file possibly resulting in a Denial of Service...

7.8CVSS8.3AI score0.01888EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2019/08/15 12:0 a.m.50 views

Chromium, Google Chrome: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Description Multiple vulnerabilities have been discovered in Chromium and...

9.6CVSS1.8AI score0.34292EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2019/08/15 12:0 a.m.50 views

GNU Wget: Arbitrary code execution

Background GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the most widely-used Internet protocols. Description A buffer overflow was discovered in GNU’s Wget. Impact An attacker could possibly execute arbitrary code with the privileges of the process or cause ...

9.8CVSS10AI score0.05751EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/11/11 12:0 a.m.50 views

GNU Wget: Multiple vulnerabilities

Background GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the most widely-used Internet protocols. Description Multiple vulnerabilities have been discovered in Wget. Please review the referenced CVE identifiers for details. Impact A remote attacker, by enticin...

9.3CVSS9.6AI score0.79855EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2017/06/06 12:0 a.m.50 views

Git: Security bypass

Background Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Description Timo Schmid discovered that the Git restricted shell incorrectly filtered allowed commands. Impact A remote attacker...

8.8CVSS2.1AI score0.12387EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2017/06/06 12:0 a.m.50 views

FileZilla: Buffer overflow

Background FileZilla is an open source FTP client. Description FileZilla is affected by the same vulnerability as reported in “GLSA 201703-03” because the package included a vulnerable copy of PuTTY. Please read the GLSA for PuTTY referenced below for details. Impact A remote attacker, utilizing...

9.8CVSS9.8AI score0.21816EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2017/02/17 12:0 a.m.50 views

ImageMagick: Multiple vulnerabilities

Background ImageMagick is a collection of tools and libraries for many image formats. Description Multiple vulnerabilities have been discovered in ImageMagick. Please review the CVE identifiers referenced below for details. Impact A remote attacker, by enticing a user to process a specially craft...

9.8CVSS9AI score0.05959EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/12/13 12:0 a.m.50 views

TigerVNC: Integer overflow

Background TigerVNC is a high-performance VNC server/client. Description TigerVNC is impacted by the same vulnerability as found in CVE-2014-6051. An integer overflow, leading to a heap-based buffer overflow, was found in the way screen sizes were handled. Impact A remote attacker, utilizing a...

7.5CVSS9.3AI score0.08272EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/12/11 12:0 a.m.50 views

Docker: Privilege escalation

Background Docker is the world’s leading software containerization platform. Description Docker does not properly distinguish between numeric UIDs and string usernames. Impact Local attackers could possibly escalate their privileges. Workaround There is no known workaround at this time. Resolutio...

7.8CVSS7.8AI score0.00388EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/12/05 12:0 a.m.50 views

nghttp2: Denial of service

Background Nghttp2 is an implementation of HTTP/2 and its header compression algorithm HPACK in C. Description Nghttpd, nghttp, and libnghttp2asio applications do not limit the memory usage for the incoming HTTP header field. If a peer sends a specially crafted HTTP/2 HEADERS frame and CONTINUATI...

3.3CVSS2.4AI score0.00886EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/12/04 12:0 a.m.50 views

LinuxCIFS utils: Buffer overflow

Background The LinuxCIFS utils are a collection of tools for managing Linux CIFS Client Filesystems. Description A stack-based buffer overflow was discovered in cifskey.c or cifscreds.c in LinuxCIFS, as used in “pamcifscreds.” Impact A remote attacker could exploit this vulnerability to cause an...

10CVSS7AI score0.05178EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2016/10/29 12:0 a.m.50 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

9.3CVSS3.2AI score0.25198EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2016/01/26 12:0 a.m.50 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

10CVSS10AI score0.67922EPSS
Exploits21
Gentoo Linux
Gentoo Linux
added 2015/03/18 12:0 a.m.50 views

Python: Multiple vulnerabilities

Background Python is an interpreted, interactive, object-oriented programming language. Description Multiple vulnerabilities have been discovered in Python. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker may be able to execute arbitrary code or...

7.5CVSS9.5AI score0.28319EPSS
Exploits12
Gentoo Linux
Gentoo Linux
added 2015/02/07 12:0 a.m.50 views

Libav: Multiple vulnerabilities

Background Libav is a complete solution to record, convert and stream audio and video. Description Multiple vulnerabilities have been discovered in Libav. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted media...

9.3CVSS8.3AI score0.05739EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/12/24 12:0 a.m.50 views

libvirt: Denial of service

Background libvirt is a C toolkit for manipulating virtual machines. Description Multiple vulnerabilities have been discovered in libvirt. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker may be able to cause Denial of Service. Workaround There i...

4CVSS6.8AI score0.01461EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/08/30 12:0 a.m.50 views

Chromium: Multiple vulnerabilities

Background Chromium is an open-source web browser project. Description Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details. Impact A remote attacker could conduct a number of attacks which include: cross site scripting attacks,...

10CVSS7.5AI score0.09758EPSS
Exploits14
Gentoo Linux
Gentoo Linux
added 2014/06/15 12:0 a.m.50 views

memcached: Multiple vulnerabilities

Background memcached is a high-performance, distributed memory object caching system Description memcached authentication could be bypassed when using SASL due to a flaw related to SASL authentication state. Also several heap-based buffer overflows due to integer conversions when parsing certain...

10CVSS10AI score0.22317EPSS
Exploits7
Gentoo Linux
Gentoo Linux
added 2014/04/08 12:0 a.m.50 views

OpenSSL: Information Disclosure

Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 as well as a general purpose cryptography library. Description Multiple vulnerabilities have been found in OpenSSL: OpenSSL incorrectly handles memory in the TLS...

7.5CVSS7.9AI score0.99999EPSS
Exploits89
Gentoo Linux
Gentoo Linux
added 2014/01/06 12:0 a.m.50 views

Python: Multiple vulnerabilities

Background Python is an interpreted, interactive, object-oriented programming language. Description Multiple vulnerabilities have been discovered in Python. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly cause a Denial of Service condition ...

5CVSS8.1AI score0.14643EPSS
Exploits7
Gentoo Linux
Gentoo Linux
added 2013/11/10 12:0 a.m.50 views

GIMP: Multiple vulnerabilities

Background GIMP is the GNU Image Manipulation Program. Description Multiple vulnerabilities have been discovered in GIMP. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted KiSS palette, GIF image or XWD file...

7.5CVSS7.5AI score0.06813EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2013/10/28 12:0 a.m.50 views

MediaWiki: Multiple vulnerabilities

Background The MediaWiki wiki web application as used on wikipedia.org. Description Multiple vulnerabilities have been discovered in MediaWiki. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to execute arbitrary code, perform man-in-the-middle...

7.5CVSS7.3AI score0.02683EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2013/10/17 12:0 a.m.50 views

PolarSSL: Multiple vulnerabilities

Background PolarSSL is a cryptographic library for embedded systems. Description Multiple vulnerabilities have been discovered in PolarSSL. Please review the CVE identifiers referenced below for details. Impact A remote attacker might be able to cause Denial of Service, conduct a man-in-the middl...

7.4CVSS7.5AI score0.35584EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2013/09/26 12:0 a.m.50 views

klibc: Command Injection

Background klibc is a minimalistic libc used for making an initramfs. Description The ipconfig utility in klibc writes DHCP options to /tmp/net-$DEVICE.conf, and this file is later sourced by other scripts to get defined variables. The options written to this file are not properly escaped. Impact...

10CVSS3AI score0.20533EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2012/04/17 12:0 a.m.50 views

PolicyKit: Multiple vulnerabilities

Background PolicyKit is a toolkit for controlling privileges for system-wide services. Description Multiple vulnerabilities have been found in PolicyKit: Error messages in the pkexec utility disclose the existence of local files CVE-2010-0750. The pkexec utility initially checks the effective use...

6.9CVSS7.3AI score0.05246EPSS
Exploits18
Gentoo Linux
Gentoo Linux
added 2011/11/01 12:0 a.m.50 views

Chromium, V8: Multiple vulnerabilities

Background Chromium is an open-source web browser project. V8 is Google's open source JavaScript engine. Description Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact A local attacker could ga...

7.5CVSS9.2AI score0.0369EPSS
Exploits7
Gentoo Linux
Gentoo Linux
added 2011/10/13 12:0 a.m.50 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers and Adobe Security Advisories and Bulletins reference...

10CVSS4.1AI score0.9941EPSS
Exploits59
Gentoo Linux
Gentoo Linux
added 2011/10/10 12:0 a.m.50 views

Bugzilla: Multiple vulnerabilities

Background Bugzilla is the bug-tracking system from the Mozilla project. Description Multiple vulnerabilities have been discovered in Bugzilla. Please review the CVE identifiers referenced below for details. Impact A remote attacker could conduct cross-site scripting attacks, conduct script...

7.5CVSS9.5AI score0.02713EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2009/04/14 12:0 a.m.50 views

F-PROT Antivirus: Multiple Denial of Service vulnerabilities

Background F-PROT Antivirus is a multi-platform virus scanner for workstations and mail servers. Description The following vulnerabilities were found: Multiple errors when processing UPX, ASPack or Microsoft Office files CVE-2008-3243. Infinite Sergio Alvarez of n.runs AG reported an invalid memo...

5CVSS6.7AI score0.03059EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2008/07/31 12:0 a.m.50 views

Linux Audit: Buffer overflow

Background Linux Audit is a set of userspace utilities for storing and processing auditing records. Description A stack-based buffer overflow has been reported in the auditlogusercommand function in the file lib/auditlogging.c when processing overly long arguments. Impact A local attacker could...

4.1CVSS7.3AI score0.01047EPSS
Exploits0
Total number of security vulnerabilities3816