Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2007/09/23 12:0 a.m.49 views

BEA JRockit: Multiple vulnerabilities

Background BEA JRockit provides tools, utilities, and a complete runtime environment for developing and running applications using the Java programming language. Description An integer overflow vulnerability exists in the embedded ICC profile image parser CVE-2007-2788, an unspecified vulnerabili...

9.3CVSS9.9AI score0.18185EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2007/05/31 12:0 a.m.49 views

Sun JDK/JRE: Multiple vulnerabilities

Background The Sun Java Development Kit JDK and the Sun Java Runtime Environment JRE provide the Sun Java platform. Description An unspecified vulnerability involving an "incorrect use of system classes" was reported by the Fujitsu security team. Additionally, Chris Evans from the Google Security...

10CVSS7.3AI score0.18185EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2006/09/27 12:0 a.m.49 views

OpenSSH: Denial of service

Background OpenSSH is a free suite of applications for the SSH protocol, developed and maintained by the OpenBSD project. Description Tavis Ormandy of the Google Security Team discovered a Denial of Service vulnerability in the SSH protocol version 1 CRC compensation attack detector. Impact A...

7.8CVSS6.7AI score0.34666EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2006/08/01 12:0 a.m.49 views

Apache: Off-by-one flaw in mod_rewrite

Background The Apache HTTP server is one of the most popular web servers on the Internet. The Apache module modrewrite provides a rule-based engine to rewrite requested URLs on the fly. Description An off-by-one flaw has been found in Apache's modrewrite module by Mark Dowd of McAfee Avert Labs...

7.6CVSS6.8AI score0.96436EPSS
Exploits20
Gentoo Linux
Gentoo Linux
added 2004/08/05 12:0 a.m.49 views

libpng: Numerous vulnerabilities

Background libpng is a standard library used to process PNG Portable Network Graphics images. It is used by several other programs, including web browsers and potentially server processes. Description libpng contains numerous vulnerabilities including null pointer dereference errors and boundary...

10CVSS7.5AI score0.82537EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2004/07/04 12:0 a.m.49 views

Pure-FTPd: Potential DoS when maximum connections is reached

Background Pure-FTPd is a fast, production-quality and standards-compliant FTP server. Description Pure-FTPd contains a bug in the acceptclient function handling the setup of new connections. Impact When the maximum number of connections is reached an attacker could exploit this vulnerability to...

5CVSS6.3AI score0.02349EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/03/17 12:0 a.m.49 views

Multiple OpenSSL Vulnerabilities

Background The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols as well as a full-strength general purpose cryptography library...

7.5CVSS7.6AI score0.10424EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2003/10/31 12:0 a.m.49 views

Apache: buffer overflows and a possible information disclosure

Background The Apache HTTP Server is one of the most popular web servers on the Internet. Description Multiple stack-based buffer overflows in modalias and modrewrite allow attackers who can create or edit configuration files including .htaccess files, to cause a denial of service and execute...

10CVSS7.1AI score0.1273EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/08/11 12:0 a.m.48 views

Ruby on Rails: Remote Code Execution

Background Ruby on Rails is a free web framework used to develop database-driven web applications. Description Multiple vulnerabilities have been discovered in Ruby on Rails. Please review the CVE identifiers referenced below for details. Impact When serialized columns that use YAML the default a...

9.8CVSS10AI score0.02386EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2024/02/19 12:0 a.m.48 views

intel-microcode: Multiple Vulnerabilities

Background Intel IA32/IA64 microcode update data. Description Multiple vulnerabilities have been discovered in NVIDIA Drivers. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround a...

6.8CVSS7.3AI score0.00407EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2023/12/20 12:0 a.m.48 views

Minecraft Server: Remote Code Execution

Background Minecraft Server is the official server for the sandbox video game. Description A vulnerability has been discovered in Minecraft Server. Please review the CVE identifier referenced below for details. Impact Vulnerable Minecraft Server versions include a bundled version of log4j which i...

7.5CVSS7.8AI score0.81147EPSS
Exploits9
Gentoo Linux
Gentoo Linux
added 2023/10/31 12:0 a.m.48 views

ConnMan: Multiple Vulnerabilities

Background ConnMan provides a daemon for managing Internet connections. Description Multiple vulnerabilities have been discovered in ConnMan. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no kno...

9.8CVSS7.6AI score0.02598EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2022/10/31 12:0 a.m.48 views

RPM: Multiple Vulnerabilities

Background The Red Hat Package Manager RPM is a command line driven package management system capable of installing, uninstalling, verifying, querying, and updating computer software packages. Description Multiple vulnerabilities have been discovered in RPM. Please review the CVE identifiers...

6.7CVSS2.5AI score0.00491EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2022/09/25 12:0 a.m.48 views

Logcheck: Root privilege escalation

Background Logcheck mails anomalies in the system logfiles to the administrator. Description The pkgpostinst phase of the Logcheck ebuilds recursively chown the /etc/logcheck and /var/lib/logcheck directories. If the logcheck adds hardlinks to other files in these directories, the chown call will...

9.8CVSS2.2AI score0.0093EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/11/16 12:0 a.m.48 views

MIT Kerberos 5: Denial of service

Background The MIT Kerberos 5 implementation provides a command line telnet client which is used for remote login via the telnet protocol. Description It was discovered that MIT Kerberos network authentication system, krb5, did not properly handle ASN.1-encoded Kerberos messages. Impact A remote...

7.5CVSS3.1AI score0.04365EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/08/29 12:0 a.m.48 views

GPL Ghostscript: Multiple vulnerabilities

Background Ghostscript is an interpreter for the PostScript language and for PDF. Description Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workarou...

9.8CVSS2.3AI score0.05186EPSS
Exploits25
Gentoo Linux
Gentoo Linux
added 2020/07/27 12:0 a.m.48 views

ReportLab: Arbitrary code execution

Background ReportLab is an Open Source Python library for generating PDFs and graphics. Description ReportLab was found to be mishandling XML documents and may evaluate the contents without checking for their safety. Impact A remote attacker could possibly execute arbitrary code with the privileg...

9.8CVSS3.2AI score0.10231EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/05/12 12:0 a.m.48 views

Mozilla Firefox: Multiple vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla Project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to view a specially...

10CVSS4.5AI score0.05803EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/03/19 12:0 a.m.48 views

phpMyAdmin: SQL injection

Background phpMyAdmin is a web-based management tool for MySQL databases. Description PhpMyAdmin was vulnerable to an SQL injection attack through the designer feature. Impact An authenticated remote attacker, by specifying a specially crafted database/table name, could trigger an SQL injection...

9.8CVSS3.6AI score0.02579EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/08/15 12:0 a.m.48 views

ZeroMQ: Arbitrary code execution

Background Looks like an embeddable networking library but acts like a concurrency framework. Description A buffer overflow was discovered in ZeroMQ. Impact An attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition. Workaround Ther...

9.8CVSS4.7AI score0.42464EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2019/04/24 12:0 a.m.48 views

QEMU: Multiple vulnerabilities

Background QEMU is a generic and open source machine emulator and virtualizer. Description Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

9.8CVSS2.8AI score0.04428EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/12/14 12:0 a.m.48 views

OpenSSL: Multiple vulnerabilities

Background OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Description Multiple vulnerabilities have been discovered in OpenSSL. Please review the referenced CVE identifiers for details. Impact A remote...

6.5CVSS7.5AI score0.78675EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2017/10/13 12:0 a.m.48 views

Graphite: Multiple vulnerabilities

Background Graphite is a “smart font” system developed specifically to handle the complexities of lesser-known languages of the world. Description Multiple vulnerabilities have been discovered in Graphite. Please review the referenced CVE identifiers for details. Impact A remote attacker could...

9.8CVSS10AI score0.05216EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2017/08/21 12:0 a.m.48 views

evilvte: User-assisted execution of arbitrary code

Background VTE based, highly customizable terminal emulator Description Steve Kemp of Debian identified a flaw in evilvte which does not properly validate hypertext links. Please review the Debian bug report referenced below. Impact Remote attackers could execute arbitrary code by enticing a user...

2.4AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/03/28 12:0 a.m.48 views

Deluge: Remote execution of arbitrary code

Background Deluge is a BitTorrent client. Description A CSRF vulnerability was discovered in the web UI of Deluge. Impact A remote attacker could entice a user currently logged in into Deluge web UI to visit a malicious web page which uses forged requests to make Deluge download and install a...

8.8CVSS5.1AI score0.04036EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2017/01/29 12:0 a.m.48 views

Firewalld: Improper authentication methods

Background Firewalld provides a dynamically managed firewall with support for network/firewall zones to define the trust level of network connections or interfaces. Description A flaw in Firewalld allows any locally logged in user to tamper with or change firewall settings. This is due to how...

5.5CVSS1.3AI score0.00364EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/01/24 12:0 a.m.48 views

Firejail: Multiple vulnerabilities

Background A SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf. Description Multiple vulnerabilities have been discovered in Firejail. Please review the CVE identifiers referenced below f...

9CVSS8.7AI score0.01937EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/01/11 12:0 a.m.48 views

Vim, gVim: Remote execution of arbitrary code

Background Vim is an efficient, highly configurable improved version of the classic ‘vi’ text editor. gVim is the GUI version of Vim. Description Vim and gVim do not properly validate values for the ‘filetype’, ‘syntax’, and ‘keymap’ options. Impact A remote attacker could entice a user to open a...

7.8CVSS7.3AI score0.25314EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2016/12/13 12:0 a.m.48 views

elfutils: Heap-based buffer overflow

Background Elfutils provides a library and utilities to access, modify and analyse ELF objects. Description An integer overflow, in the checksection function of dwarfbeginelf.c, in the libdw library can lead to a heap-based buffer overflow. Impact A remote attacker could entice a user to open a...

6.8CVSS7.1AI score0.04031EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/12/08 12:0 a.m.48 views

SQLite: Multiple vulnerabilities

Background SQLite is a C library that implements an SQL database engine. Description Multiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the...

7.5CVSS8.2AI score0.39286EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/11/15 12:0 a.m.48 views

libpng: Multiple vulnerabilities

Background libpng is a standard library used to process PNG Portable Network Graphics images. It is used by several other programs, including web browsers and potentially server processes. Description Multiple vulnerabilities were found in libpng. Please review the referenced CVE’s for additional...

9.3CVSS8.4AI score0.10339EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2015/05/31 12:0 a.m.48 views

phpMyAdmin: Multiple vulnerabilities

Background phpMyAdmin is a web-based management tool for MySQL databases. Description Multiple vulnerabilities have been discovered in phpMyAdmin. Please review the CVE identifiers referenced below for details. Impact A remote authenticated attacker could exploit these vulnerabilities to include...

6.5CVSS7AI score0.02725EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2014/06/30 12:0 a.m.48 views

Openfire: Multiple vulnerabilities

Background Openfire is a real time collaboration RTC server. Description Multiple vulnerabilities have been discovered in Openfire. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly cause a Denial of Service condition or bypass security...

7.8CVSS6.9AI score0.03774EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2014/06/26 12:0 a.m.48 views

polkit, Spice-Gtk, systemd, HPLIP, libvirt: Privilege escalation

Background polkit is a toolkit for managing policies relating to unprivileged processes communicating with privileged processes. Description polkit has a race condition which potentially allows a process to change its UID/EUID via suid or pkexec before authentication is completed. Impact A local...

7.2CVSS7.1AI score0.00419EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/05/23 12:0 a.m.48 views

LibYAML: Arbitrary code execution

Background LibYAML is a YAML 1.1 parser and emitter written in C. Description The yamlparserscanuriescapes function does not properly expand strings passed as input, which can result in a heap-based buffer overflow. Impact An attacker could provide a specially-crafted YAML document, which, when...

6.8CVSS8.1AI score0.09264EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2014/05/18 12:0 a.m.48 views

Pidgin: Multiple vulnerabilities

Background Pidgin is a GTK Instant Messenger client for a variety of instant messaging protocols. Description Multiple vulnerabilities have been discovered in Pidgin. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code wit...

10CVSS7.8AI score0.14809EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2014/04/07 12:0 a.m.48 views

Crack: Arbitrary code execution

Background Crack is a really simple JSON and XML parsing Ruby gem, ripped from Merb and Rails. Description An XML parameter parsing vulnerability has been discovered in Crack. Impact A remote attacker could execute arbitrary code with the privileges of the process, cause a Denial of Service...

7.5CVSS7.3AI score0.04952EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2013/09/12 12:0 a.m.48 views

pip: Multiple vulnerabilities

Background pip is a tool for installing and managing Python packages. Description Multiple vulnerabilities have been discovered in pip. Please review the CVE identifiers referenced below for details. Impact A remote attacker could conduct a Man-in-the-Middle attack to cause pip to execute arbitra...

6.8CVSS7.3AI score0.06217EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2013/08/28 12:0 a.m.48 views

Wireshark: Multiple vulnerabilities

Background Wireshark is a versatile network protocol analyzer. Description Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process ...

8.3CVSS8AI score0.60643EPSS
Exploits28
Gentoo Linux
Gentoo Linux
added 2013/04/08 12:0 a.m.48 views

NVIDIA Drivers: Privilege escalation

Background The NVIDIA drivers provide X11 and GLX support for NVIDIA graphic boards. Description Two vulnerabilities have been discovered in NVIDIA drivers: A vulnerability has been found in the way NVIDIA drivers handle read/write access to GPU device nodes, allowing access to arbitrary system...

7.2CVSS7.3AI score0.04807EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2012/11/08 12:0 a.m.48 views

MantisBT: Multiple vulnerabilities

Background MantisBT is a PHP/MySQL/Web based bugtracking system. Description Multiple vulnerabilities have been discovered in MantisBT. Please review the CVE identifiers referenced below for details. Impact A remote attacker could exploit these vulnerabilities to conduct directory traversal...

7.5CVSS7.1AI score0.09296EPSS
Exploits18
Gentoo Linux
Gentoo Linux
added 2010/09/07 12:0 a.m.48 views

Adobe Reader: Multiple vulnerabilities

Background Adobe Reader formerly Adobe Acrobat Reader is a closed-source PDF reader. Description Multiple vulnerabilities were discovered in Adobe Reader. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below. Impact A remote attacker might entic...

10CVSS9.7AI score0.88246EPSS
Exploits74
Gentoo Linux
Gentoo Linux
added 2010/01/13 12:0 a.m.48 views

net-snmp: Authorization bypass

Background net-snmp bundles software for generating and retrieving SNMP data. Description The netsnmpudpfmtaddr function snmplib/snmpUDPDomain.c, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules. Impact A remote, unauthenticated attacker could bypass the...

5CVSS6.9AI score0.0292EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2009/08/07 12:0 a.m.48 views

Adobe products: Multiple vulnerabilities

Background Adobe Flash Player is a closed-source playback software for Flash SWF files. Adobe Reader is a closed-source PDF reader that plays Flash content as well. Description Multiple vulnerabilities have been reported in Adobe Flash Player: lakehu of Tencent Security Center reported an...

9.3CVSS8.9AI score0.25006EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2009/04/07 12:0 a.m.48 views

OpenSSL: Denial of service

Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 as well as a general purpose cryptography library. Description The ASN1STRINGprintex function does not properly check the provided length of a BMPString or...

5CVSS3.3AI score0.06194EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2009/03/25 12:0 a.m.48 views

pam_krb5: Privilege escalation

Background pamkrb5 is a a Kerberos v5 PAM module. Description The following vulnerabilities were discovered: pamkrb5 does not properly initialize the Kerberos libraries for setuid use CVE-2009-0360. Derek Chan reported that calls to pamsetcred are not properly handled when running setuid...

6.2CVSS9.8AI score0.00695EPSS
Exploits7
Gentoo Linux
Gentoo Linux
added 2008/05/20 12:0 a.m.48 views

Mozilla products: Multiple vulnerabilities

Background Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the 'Mozilla...

9.3CVSS10AI score0.08633EPSS
Exploits10
Gentoo Linux
Gentoo Linux
added 2007/06/19 12:0 a.m.48 views

Mozilla products: Multiple vulnerabilities

Background Mozilla Firefox is an open-source web browser from the Mozilla Project, and Mozilla Thunderbird an email client. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the 'Mozilla Application Suite'...

9.3CVSS6.9AI score0.07831EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2007/04/03 12:0 a.m.48 views

MIT Kerberos 5: Arbitrary remote code execution

Background MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. Description The Kerberos telnet daemon fails to properly handle usernames allowing unauthorized access to any account CVE-2007-0956. The Kerberos administration daemon, the KDC and possibly other...

10CVSS7.7AI score0.29842EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2007/03/18 12:0 a.m.48 views

ulogd: Remote execution of arbitrary code

Background ulogd is a userspace daemon for netfilter related logging. Description SUSE reported unspecified buffer overflows in ulogd involving the calculation of string lengths. Impact A remote attacker could trigger a possible buffer overflow through unspecified vectors, potentially leading to...

10CVSS7.3AI score0.02555EPSS
Exploits0
Total number of security vulnerabilities3816