Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2003/11/15 12:0 a.m.48 views

kdebase: KDM vulnerabilities

Background KDM is the desktop manager included with the K Desktop Environment. Description Firstly, versions of KDM =kde-base/kde-3.1.4' emerge '=kde-base/kde-3.1.4' emerge clean...

10CVSS6.8AI score0.02678EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/05/04 12:0 a.m.47 views

ImageMagick: Multiple Vulnerabilities

Background ImageMagick is a software suite to create, edit, and compose bitmap images, that can also read, write, and convert images in many other formats. Description Multiple vulnerabilities have been discovered in ImageMagick. Please review the CVE identifiers referenced below for details...

7.8CVSS7.1AI score0.89855EPSS
Exploits37
Gentoo Linux
Gentoo Linux
added 2023/12/23 12:0 a.m.47 views

SABnzbd: Remote Code Execution

Background Free and easy binary newsreader with web interface. Description A vulnerability has been discovered in SABnzbd. Please review the CVE identifier referenced below for details. Impact A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the...

9.8CVSS8.5AI score0.01731EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2023/12/22 12:0 a.m.47 views

Exiv2: Multiple Vulnerabilities

Background Exiv2 is a C++ library and set of tools for parsing, editing and saving Exif and IPTC metadata from images. Exif, the Exchangeable image file format, specifies the addition of metadata tags to JPEG, TIFF and RIFF files. Description Multiple vulnerabilities have been discovered in Exiv2...

8.8CVSS7.7AI score0.02555EPSS
Exploits7
Gentoo Linux
Gentoo Linux
added 2022/09/25 12:0 a.m.47 views

Oracle JDK/JRE: Multiple vulnerabilities

Background Java Platform, Standard Edition Java SE lets you develop and deploy Java applications on desktops and servers, as well as in today's demanding embedded environments. Java offers the rich user interface, performance, versatility, portability, and security that today's applications...

8.3CVSS2AI score0.0623EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2022/08/14 12:0 a.m.47 views

GNU Binutils: Multiple Vulnerabilities

Background The GNU Binutils are a collection of tools to create, modify and analyse binary files. Many of the files use BFD, the Binary File Descriptor library, to do low-level manipulation. Description Multiple vulnerabilities have been discovered in GNU Binutils. Please review the CVE identifie...

7.8CVSS1.8AI score0.03412EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2020/07/28 12:0 a.m.47 views

FFmpeg: Multiple vulnerabilities

Background FFmpeg is a complete, cross-platform solution to record, convert and stream audio and video. Description Multiple vulnerabilities have been discovered in FFmpeg. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

10CVSS3.2AI score0.03756EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2020/07/27 12:0 a.m.47 views

Okular: Local restricted command execution

Background Okular is a universal document viewer based on KPDF. Description A logic error was discovered in Okular, which results in trusting action links within a PDF, possibly allowing execution of a binary. Impact A remote attacker could entice a user to open a specially crafted PDF using...

6.8CVSS4.6AI score0.01452EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/07/27 12:0 a.m.47 views

DjVu: Multiple vulnerabilities

Background DjVu is a web-centric format and software platform for distributing documents and images. Description Multiple vulnerabilities have been discovered in DjVu. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

5.5CVSS2.6AI score0.0185EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2020/04/30 12:0 a.m.47 views

FontForge: Multiple vulnerabilities

Background FontForge is a PostScript font editor and converter. Description Multiple vulnerabilities have been discovered in FontForge. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted font using FontForge,...

9.8CVSS3.8AI score0.02653EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2020/03/30 12:0 a.m.47 views

GNU Screen: Buffer overflow

Background GNU Screen is a full-screen window manager that multiplexes a physical terminal between several processes, typically interactive shells. Description A buffer overflow was found in the way GNU Screen treated the special escape OSC 49. Impact A remote attacker, by writing a specially...

9.8CVSS4.9AI score0.0264EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/08/15 12:0 a.m.47 views

ZeroMQ: Arbitrary code execution

Background Looks like an embeddable networking library but acts like a concurrency framework. Description A buffer overflow was discovered in ZeroMQ. Impact An attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition. Workaround Ther...

9.8CVSS4.7AI score0.42464EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2019/04/24 12:0 a.m.47 views

QEMU: Multiple vulnerabilities

Background QEMU is a generic and open source machine emulator and virtualizer. Description Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

9.8CVSS2.8AI score0.04428EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/03/28 12:0 a.m.47 views

Mozilla Thunderbird: Multiple vulnerabilities

Background Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the referenced Mozilla Foundation Security Advisories and CVE identifiers below for details. Impact A remo...

10CVSS9.1AI score0.07439EPSS
Exploits17
Gentoo Linux
Gentoo Linux
added 2017/12/14 12:0 a.m.47 views

OpenSSL: Multiple vulnerabilities

Background OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Description Multiple vulnerabilities have been discovered in OpenSSL. Please review the referenced CVE identifiers for details. Impact A remote...

6.5CVSS7.5AI score0.78675EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2017/10/13 12:0 a.m.47 views

Graphite: Multiple vulnerabilities

Background Graphite is a “smart font” system developed specifically to handle the complexities of lesser-known languages of the world. Description Multiple vulnerabilities have been discovered in Graphite. Please review the referenced CVE identifiers for details. Impact A remote attacker could...

9.8CVSS10AI score0.05216EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2017/06/06 12:0 a.m.47 views

MuPDF: Multiple vulnerabilities

Background A lightweight PDF, XPS, and E-book viewer. Description Multiple vulnerabilities have been discovered in MuPDF. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to process a specially crafted PDF document or image using MuPDF,...

7.8CVSS7.3AI score0.15181EPSS
Exploits7
Gentoo Linux
Gentoo Linux
added 2017/05/09 12:0 a.m.47 views

FFmpeg: Multiple vulnerabilities

Background FFmpeg is a complete, cross-platform solution to record, convert and stream audio and video. Description Multiple vulnerabilities have been discovered in FFmpeg. Please review the CVE identifiers referenced below for details. gst-plugins-libav is affected because this package is bundli...

5.5CVSS8.2AI score0.01119EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/02/19 12:0 a.m.47 views

MuPDF: Multiple vulnerabilities

Background A lightweight PDF, XPS, and E-book viewer. Description Multiple vulnerabilities have been discovered in MuPDF. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted PDF document using MuPDF possibly...

9.8CVSS8AI score0.03772EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2017/01/31 12:0 a.m.47 views

Ansible: Remote execution of arbitrary code

Background Ansible is a radically simple IT automation platform. Description An input validation vulnerability was found in Ansible’s handling of data sent from client systems. Impact An attacker with control over a client system being managed by Ansible and the ability to send facts back to the...

9.3CVSS7.7AI score0.1765EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2017/01/29 12:0 a.m.47 views

Ark: Unintended execution of scripts and executable files

Background Ark is a graphical file compression/decompression utility with support for multiple formats. Description A vulnerability was discovered in how Ark handles executable files while browsing a compressed archive. A user could unintentionally execute a malicious script which has the...

7.8CVSS8.1AI score0.03118EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2016/12/06 12:0 a.m.47 views

util-linux: Arbitrary code execution

Background util-linux is a suite of Linux programs including mount and umount, programs used to mount and unmount filesystems. Description A command injection flaw was discovered in util-linux’s “blkid” utility. It uses caching files /dev/.blkid.tab or /run/blkid/blkid.tab to store info about the...

7.8CVSS6.6AI score0.00648EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/12/02 12:0 a.m.47 views

GnuPG: RNG output is predictable

Background The GNU Privacy Guard, GnuPG, is a free replacement for the PGP suite of cryptographic software. Description A long standing bug since 1998 in Libgcrypt see “GLSA 201610-04” below and GnuPG allows an attacker to predict the output from the standard RNG. Please review the “Entropy Loss...

5.3CVSS6AI score0.03597EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/11/01 12:0 a.m.47 views

OpenVPN: Multiple vulnerabilities

Background OpenVPN is a multi-platform, full-featured SSL VPN solution. Description Multiple vulnerabilities have been discovered in OpenVPN. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to recover plaintext from encrypted communications...

5.9CVSS3AI score0.0594EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/02/15 12:0 a.m.47 views

libpng: User-assisted execution of arbitrary code

Background libpng is a standard library used to process PNG Portable Network Graphics images. It is used by several programs, including web browsers and potentially server processes. Description Two vulnerabilities have been discovered in libpng: The pnguserversioncheck function contains an...

10CVSS8.2AI score0.03889EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/02/07 12:0 a.m.47 views

BIND: Multiple Vulnerabilities

Background BIND Berkeley Internet Name Domain is a Name Server. Description Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. Impact A remote attacker can cause a denial of service condition by the lack of GeoIP databases, or vi...

7.8CVSS8.9AI score0.65683EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/12/26 12:0 a.m.47 views

policycoreutils: Privilege escalation

Background policycoreutils is a collection of SELinux policy utilities. Description The seunshare utility is owned by root with 4755 permissions which can be exploited by a setuid system call. Impact A local attacker may be able to gain escalated privileges. Workaround There is no known workaroun...

6.9CVSS6.7AI score0.00357EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/06/01 12:0 a.m.47 views

D-Bus, GLib: Privilege escalation

Background D-Bus is a daemon providing a framework for applications to communicate with one another. GLib is a library providing a number of GNOME’s core objects and functions. Description When libdbus is used in a setuid program, a user can gain escalated privileges by leveraging the...

6.9CVSS6.1AI score0.04514EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2014/05/23 12:0 a.m.47 views

LibYAML: Arbitrary code execution

Background LibYAML is a YAML 1.1 parser and emitter written in C. Description The yamlparserscanuriescapes function does not properly expand strings passed as input, which can result in a heap-based buffer overflow. Impact An attacker could provide a specially-crafted YAML document, which, when...

6.8CVSS8.1AI score0.09264EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2014/05/18 12:0 a.m.47 views

Pidgin: Multiple vulnerabilities

Background Pidgin is a GTK Instant Messenger client for a variety of instant messaging protocols. Description Multiple vulnerabilities have been discovered in Pidgin. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code wit...

10CVSS7.8AI score0.14809EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2014/05/17 12:0 a.m.47 views

ImageMagick: Multiple vulnerabilities

Background ImageMagick is a collection of tools and libraries for manipulating various image formats. Description Multiple vulnerabilities have been discovered in ImageMagick. Please review the CVE identifiers referenced below for details. Note that CVE-2012-1185 and CVE-2012-1186 were issued due...

8.8CVSS8.9AI score0.29677EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2014/05/17 12:0 a.m.47 views

Rack: Multiple vulnerabilities

Background Rack is a modular Ruby web server interface. Description Multiple vulnerabilities have been discovered in Rack. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a...

5.1CVSS7.7AI score0.05281EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/01/21 12:0 a.m.47 views

Cacti: Multiple vulnerabilities

Background Cacti is a complete network graphing solution designed to harness the power of RRDTool’s data storage and graphing functionality. Description Multiple vulnerabilities have been discovered in Cacti. Please review the CVE identifiers referenced below for details. Impact A remote attacker...

7.5CVSS9.7AI score0.04309EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2013/12/03 12:0 a.m.47 views

OpenSSL: Multiple Vulnerabilities

Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 as well as a general purpose cryptography library. Description Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced...

7.5CVSS7.9AI score0.48298EPSS
Exploits12
Gentoo Linux
Gentoo Linux
added 2013/09/27 12:0 a.m.47 views

Squid: Multiple vulnerabilities

Background Squid is a full-featured web proxy cache. Description Multiple vulnerabilities have been discovered in Squid. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to bypass ACL restrictions or cause a Denial of Service condition. Workarou...

7.8CVSS9.2AI score0.80451EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2012/10/21 12:0 a.m.47 views

Chromium: Multiple vulnerabilities

Background Chromium is an open source web browser project. Description Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details. Impact A remote attacker could entice a user to open a specially crafted web site usi...

10CVSS9.7AI score0.04641EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2012/03/06 12:0 a.m.47 views

sudo: Privilege escalation

Background sudo allows a system administrator to give users the ability to run commands as other users. Description Two vulnerabilities have been discovered in sudo: When the sudoers file is configured with a Runas group, sudo does not prompt for a password when changing to the new group...

7.2CVSS8.3AI score0.02992EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2012/02/29 12:0 a.m.47 views

libxml2: User-assisted execution of arbitrary code

Background libxml2 is the XML C parser and toolkit developed for the Gnome project. Description The "xmlStringLenDecodeEntities" function in parser.c contains a boundary error which could possibly cause a heap-based buffer overflow. Impact A remote attacker could entice a user to open a specially...

7.5CVSS8.8AI score0.02399EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2011/10/26 12:0 a.m.47 views

Pure-FTPd: Multiple vulnerabilities

Background Pure-FTPd is a fast, production-quality and standards-compliant FTP server. Description Multiple vulnerabilities have been discovered in Pure-FTPd. Please review the CVE identifiers referenced below for details. Impact Remote unauthenticated attackers may be able to inject FTP commands...

5.8CVSS2.9AI score0.33341EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2009/03/30 12:0 a.m.47 views

gedit: Untrusted search path

Background gedit is a text editor for the GNOME desktop. Description James Vega reported that gedit uses the current working directory when searching for python modules, a vulnerability related to CVE-2008-5983. Impact A local attacker could entice a user to open gedit from a specially crafted...

6.9CVSS9.4AI score0.00624EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2008/12/21 12:0 a.m.47 views

phpCollab: Multiple vulnerabilities

Background phpCollab is a web-enabled groupware and project management software written in PHP. It uses SQL-based database backends. Description Multiple vulnerabilities have been found in phpCollab: rgod reported that data sent to general/sendpassword.php via the loginForm parameter is not...

10CVSS8.4AI score0.06164EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2008/07/31 12:0 a.m.47 views

VLC: Multiple vulnerabilities

Background VLC is a cross-platform media player and streaming server. Description Remi Denis-Courmont reported that VLC loads plugins from the current working directory in an unsafe manner CVE-2008-2147. Alin Rad Pop Secunia Research reported an integer overflow error in the Open function in the...

9.3CVSS7.1AI score0.05879EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2008/02/06 12:0 a.m.47 views

Doomsday: Multiple vulnerabilities

Background The Doomsday Engine deng is a modern gaming engine for popular ID games like Doom, Heretic and Hexen. Description Luigi Auriemma discovered multiple buffer overflows in the DNetPlayerEvent function, the MsgWrite function and the NetSvReadCommands function. He also discovered errors whe...

10CVSS7.6AI score0.16309EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2007/06/19 12:0 a.m.47 views

Mozilla products: Multiple vulnerabilities

Background Mozilla Firefox is an open-source web browser from the Mozilla Project, and Mozilla Thunderbird an email client. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the 'Mozilla Application Suite'...

9.3CVSS6.9AI score0.07831EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2007/06/11 12:0 a.m.47 views

MadWifi: Multiple vulnerabilities

Background The MadWifi driver provides support for Atheros based IEEE 802.11 Wireless Lan cards. Description Md Sohail Ahmad from AirTight Networks has discovered a divison by zero in the athbeaconconfig function CVE-2007-2830. The vendor has corrected an input validation error in the...

10CVSS7AI score0.03461EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2007/03/09 12:0 a.m.47 views

Smb4K: Multiple vulnerabilities

Background Smb4K is a SMB/CIFS Windows share browser for KDE. Description Kees Cook of the Ubuntu Security Team has identified multiple vulnerabilities in Smb4K. The writeFile function of smb4k/core/smb4kfileio.cpp makes insecure usage of temporary files. The writeFile function also stores the...

4.4CVSS6.5AI score0.0039EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2006/04/28 12:0 a.m.47 views

Mozilla Suite: Multiple vulnerabilities

Background The Mozilla Suite is a popular all-in-one web browser that includes a mail and news reader. Description Several vulnerabilities were found in Mozilla Suite. Version 1.7.13 was released to fix them. Impact A remote attacker could craft malicious web pages or emails that would leverage...

10CVSS7.4AI score0.12589EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2006/02/18 12:0 a.m.47 views

GnuPG: Incorrect signature verification

Background GnuPG The GNU Privacy Guard is a free replacement for PGP Pretty Good Privacy. As GnuPG does not rely on any patented algorithms, it can be used without any restrictions. gpgv is the OpenPGP signature verification tool provided by the GnuPG system. Description Tavis Ormandy of the Gent...

4.6CVSS6.8AI score0.01327EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2005/12/07 12:0 a.m.47 views

Perl: Format string errors can lead to code execution

Background Perl is a stable, cross-platform programming language created by Larry Wall. It contains printf functions that allows construction of strings from format specifiers and parameters, like the C printf functions. A well-known class of vulnerabilities, called format string errors, result o...

4.6CVSS6.9AI score0.01374EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2005/05/15 12:0 a.m.47 views

Mozilla Suite, Mozilla Firefox: Remote compromise

Background The Mozilla Suite is a popular all-in-one web browser that includes a mail and news reader. Mozilla Firefox is the next-generation browser from the Mozilla project. Description The Mozilla Suite and Firefox do not properly protect "IFRAME" JavaScript URLs from being executed in context...

5.1CVSS7.5AI score0.16697EPSS
Exploits2
Total number of security vulnerabilities3816