Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2010/09/07 12:0 a.m.48 views

Adobe Reader: Multiple vulnerabilities

Background Adobe Reader formerly Adobe Acrobat Reader is a closed-source PDF reader. Description Multiple vulnerabilities were discovered in Adobe Reader. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below. Impact A remote attacker might entic...

10CVSS9.7AI score0.88246EPSS
Exploits74
Gentoo Linux
Gentoo Linux
added 2010/01/13 12:0 a.m.48 views

net-snmp: Authorization bypass

Background net-snmp bundles software for generating and retrieving SNMP data. Description The netsnmpudpfmtaddr function snmplib/snmpUDPDomain.c, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules. Impact A remote, unauthenticated attacker could bypass the...

5CVSS6.9AI score0.0292EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2009/08/07 12:0 a.m.48 views

Adobe products: Multiple vulnerabilities

Background Adobe Flash Player is a closed-source playback software for Flash SWF files. Adobe Reader is a closed-source PDF reader that plays Flash content as well. Description Multiple vulnerabilities have been reported in Adobe Flash Player: lakehu of Tencent Security Center reported an...

9.3CVSS8.9AI score0.25006EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2009/04/07 12:0 a.m.48 views

OpenSSL: Denial of service

Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 as well as a general purpose cryptography library. Description The ASN1STRINGprintex function does not properly check the provided length of a BMPString or...

5CVSS3.3AI score0.06194EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2009/03/25 12:0 a.m.48 views

pam_krb5: Privilege escalation

Background pamkrb5 is a a Kerberos v5 PAM module. Description The following vulnerabilities were discovered: pamkrb5 does not properly initialize the Kerberos libraries for setuid use CVE-2009-0360. Derek Chan reported that calls to pamsetcred are not properly handled when running setuid...

6.2CVSS9.8AI score0.00695EPSS
Exploits7
Gentoo Linux
Gentoo Linux
added 2008/05/20 12:0 a.m.48 views

Mozilla products: Multiple vulnerabilities

Background Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the 'Mozilla...

9.3CVSS10AI score0.08633EPSS
Exploits10
Gentoo Linux
Gentoo Linux
added 2007/07/02 12:0 a.m.48 views

OpenOffice.org: Two buffer overflows

Background OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities. Description John Heasman of NGSSoftware has discovered a heap-based buffer overflow when parsing th...

9.3CVSS7.5AI score0.06021EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2007/03/18 12:0 a.m.48 views

ulogd: Remote execution of arbitrary code

Background ulogd is a userspace daemon for netfilter related logging. Description SUSE reported unspecified buffer overflows in ulogd involving the calculation of string lengths. Impact A remote attacker could trigger a possible buffer overflow through unspecified vectors, potentially leading to...

10CVSS7.3AI score0.02555EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2007/01/22 12:0 a.m.48 views

Sun JDK/JRE: Multiple vulnerabilities

Background The Sun Java Development Kit JDK and the Sun Java Runtime Environment JRE provide the Sun Java platform. Description Chris Evans has discovered multiple buffer overflows in Sun JDK and Sun JRE possibly related to various AWT or font layout functions. Tom Hawtin has discovered an...

9.3CVSS6.8AI score0.03632EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2006/09/23 12:0 a.m.48 views

gzip: Multiple vulnerabilities

Background gzip, the GNU zip compression utility, is a free and patent unencumbered replacement for the standard compress utility. Description Tavis Ormandy of the Google Security Team has reported multiple vulnerabilities in gzip. A stack buffer modification vulnerability was discovered in the L...

7.5CVSS7.6AI score0.05641EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2006/08/03 12:0 a.m.48 views

Mozilla Thunderbird: Multiple vulnerabilities

Background The Mozilla Thunderbird mail client is a redesign of the Mozilla Mail component. The goal is to produce a cross-platform stand-alone mail application using XUL XML User Interface Language. Description The following vulnerabilities have been reported: Benjamin Smedberg discovered that...

7.5CVSS7.4AI score0.0747EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2006/05/10 12:0 a.m.48 views

pdnsd: Denial of Service and potential arbitrary code execution

Background pdnsd is a proxy DNS server with permanent caching that is designed to cope with unreachable DNS servers. Description The pdnsd team has discovered an unspecified buffer overflow vulnerability. The PROTOS DNS Test Suite, by the Oulu University Secure Programming Group OUSPG, has also...

10CVSS7.2AI score0.04741EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2006/05/08 12:0 a.m.48 views

PHP: Multiple vulnerabilities

Background PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Description Several vulnerabilities were discovered on PHP4 and PHP5 by Infigo, Tonu Samuel and Maksymilian Arciemowicz. These included a buffer overflow...

6.4CVSS7.2AI score0.20514EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2005/08/31 12:0 a.m.48 views

pam_ldap: Authentication bypass vulnerability

Background pamldap is a Pluggable Authentication Module which allows authentication against LDAP directories. Description When a pamldap client attempts to authenticate against an LDAP server that omits the optional error value from the PasswordPolicyResponseValue, the authentication attempt will...

7.5CVSS6.7AI score0.03645EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2005/02/11 12:0 a.m.48 views

Perl: Vulnerabilities in perl-suid wrapper

Background Perl is a stable, cross-platform programming language created by Larry Wall. The perl-suid wrapper allows the use of setuid perl scripts, i.e. user-callable Perl scripts which have elevated privileges. This function is enabled only if you have the perlsuid USE flag set. Description...

4.6CVSS7.1AI score0.01315EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2003/11/15 12:0 a.m.48 views

kdebase: KDM vulnerabilities

Background KDM is the desktop manager included with the K Desktop Environment. Description Firstly, versions of KDM =kde-base/kde-3.1.4' emerge '=kde-base/kde-3.1.4' emerge clean...

10CVSS6.8AI score0.02678EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/05/04 12:0 a.m.47 views

ImageMagick: Multiple Vulnerabilities

Background ImageMagick is a software suite to create, edit, and compose bitmap images, that can also read, write, and convert images in many other formats. Description Multiple vulnerabilities have been discovered in ImageMagick. Please review the CVE identifiers referenced below for details...

7.8CVSS7.1AI score0.89855EPSS
Exploits37
Gentoo Linux
Gentoo Linux
added 2023/12/23 12:0 a.m.47 views

SABnzbd: Remote Code Execution

Background Free and easy binary newsreader with web interface. Description A vulnerability has been discovered in SABnzbd. Please review the CVE identifier referenced below for details. Impact A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the...

9.8CVSS8.5AI score0.01731EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2023/12/22 12:0 a.m.47 views

Exiv2: Multiple Vulnerabilities

Background Exiv2 is a C++ library and set of tools for parsing, editing and saving Exif and IPTC metadata from images. Exif, the Exchangeable image file format, specifies the addition of metadata tags to JPEG, TIFF and RIFF files. Description Multiple vulnerabilities have been discovered in Exiv2...

8.8CVSS7.7AI score0.02555EPSS
Exploits7
Gentoo Linux
Gentoo Linux
added 2022/08/14 12:0 a.m.47 views

GNU Binutils: Multiple Vulnerabilities

Background The GNU Binutils are a collection of tools to create, modify and analyse binary files. Many of the files use BFD, the Binary File Descriptor library, to do low-level manipulation. Description Multiple vulnerabilities have been discovered in GNU Binutils. Please review the CVE identifie...

7.8CVSS1.8AI score0.03412EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2022/08/10 12:0 a.m.47 views

libass: Denial of service

Background libass is a portable subtitle renderer for the ASS/SSA Advanced Substation Alpha/Substation Alpha subtitle format. Description A one-byte buffer overwrite in ASS font decoding could trigger an assertion failure resulting in denial of service. Impact An attacker with control over the AS...

7.8CVSS2.8AI score0.01075EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/08/08 12:0 a.m.47 views

gThumb: Arbitrary code execution

Background gThumb is an image viewer and browser for GNOME. Description A heap-based buffer overflow in gThumb’s cairoimagesurfacecreatefromjpeg function, located in extensions/cairoio/cairo-image-surface-jpeg.c was discovered. Impact A remote attacker could entice a user to open a specially...

7.8CVSS8.2AI score0.02149EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2020/07/28 12:0 a.m.47 views

FFmpeg: Multiple vulnerabilities

Background FFmpeg is a complete, cross-platform solution to record, convert and stream audio and video. Description Multiple vulnerabilities have been discovered in FFmpeg. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

10CVSS3.2AI score0.03756EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2020/07/27 12:0 a.m.47 views

DjVu: Multiple vulnerabilities

Background DjVu is a web-centric format and software platform for distributing documents and images. Description Multiple vulnerabilities have been discovered in DjVu. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

5.5CVSS2.6AI score0.0185EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2020/07/27 12:0 a.m.47 views

Okular: Local restricted command execution

Background Okular is a universal document viewer based on KPDF. Description A logic error was discovered in Okular, which results in trusting action links within a PDF, possibly allowing execution of a binary. Impact A remote attacker could entice a user to open a specially crafted PDF using...

6.8CVSS4.6AI score0.01452EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/07/26 12:0 a.m.47 views

Chromium, Google Chrome: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Description Multiple vulnerabilities have been discovered in Chromium and...

9.6CVSS2AI score0.19419EPSS
Exploits19
Gentoo Linux
Gentoo Linux
added 2020/05/14 12:0 a.m.47 views

Python: Denial of service

Background Python is an interpreted, interactive, object-oriented programming language. Description An issue was discovered in urllib.request.AbstractBasicAuthHandler which allowed a remote attacker to send malicious data causing extensive regular expression backtracking. Impact An attacker could...

7.1CVSS7.3AI score0.06617EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/04/30 12:0 a.m.47 views

FontForge: Multiple vulnerabilities

Background FontForge is a PostScript font editor and converter. Description Multiple vulnerabilities have been discovered in FontForge. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted font using FontForge,...

9.8CVSS3.8AI score0.02653EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2020/03/30 12:0 a.m.47 views

GNU Screen: Buffer overflow

Background GNU Screen is a full-screen window manager that multiplexes a physical terminal between several processes, typically interactive shells. Description A buffer overflow was found in the way GNU Screen treated the special escape OSC 49. Impact A remote attacker, by writing a specially...

9.8CVSS4.9AI score0.0264EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/05/09 12:0 a.m.47 views

FFmpeg: Multiple vulnerabilities

Background FFmpeg is a complete, cross-platform solution to record, convert and stream audio and video. Description Multiple vulnerabilities have been discovered in FFmpeg. Please review the CVE identifiers referenced below for details. gst-plugins-libav is affected because this package is bundli...

5.5CVSS8.2AI score0.01119EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/02/19 12:0 a.m.47 views

MuPDF: Multiple vulnerabilities

Background A lightweight PDF, XPS, and E-book viewer. Description Multiple vulnerabilities have been discovered in MuPDF. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted PDF document using MuPDF possibly...

9.8CVSS8AI score0.03772EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2017/01/31 12:0 a.m.47 views

Ansible: Remote execution of arbitrary code

Background Ansible is a radically simple IT automation platform. Description An input validation vulnerability was found in Ansible’s handling of data sent from client systems. Impact An attacker with control over a client system being managed by Ansible and the ability to send facts back to the...

9.3CVSS7.7AI score0.1765EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2017/01/29 12:0 a.m.47 views

Ark: Unintended execution of scripts and executable files

Background Ark is a graphical file compression/decompression utility with support for multiple formats. Description A vulnerability was discovered in how Ark handles executable files while browsing a compressed archive. A user could unintentionally execute a malicious script which has the...

7.8CVSS8.1AI score0.03118EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2016/12/06 12:0 a.m.47 views

util-linux: Arbitrary code execution

Background util-linux is a suite of Linux programs including mount and umount, programs used to mount and unmount filesystems. Description A command injection flaw was discovered in util-linux’s “blkid” utility. It uses caching files /dev/.blkid.tab or /run/blkid/blkid.tab to store info about the...

7.8CVSS6.6AI score0.00648EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/12/02 12:0 a.m.47 views

GnuPG: RNG output is predictable

Background The GNU Privacy Guard, GnuPG, is a free replacement for the PGP suite of cryptographic software. Description A long standing bug since 1998 in Libgcrypt see “GLSA 201610-04” below and GnuPG allows an attacker to predict the output from the standard RNG. Please review the “Entropy Loss...

5.3CVSS6AI score0.03597EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/11/01 12:0 a.m.47 views

OpenVPN: Multiple vulnerabilities

Background OpenVPN is a multi-platform, full-featured SSL VPN solution. Description Multiple vulnerabilities have been discovered in OpenVPN. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to recover plaintext from encrypted communications...

5.9CVSS3AI score0.0594EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/06/05 12:0 a.m.47 views

Puppet Server and Agent: Multiple vulnerabilities

Background Puppet Agent contains Puppet’s main code and all of the dependencies needed to run it, including Facter, Hiera, and bundled versions of Ruby and OpenSSL. Description Multiple vulnerabilities have been discovered in Puppet Server and Agent. Please review the CVE identifiers referenced...

9.8CVSS10AI score0.02889EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/02/07 12:0 a.m.47 views

BIND: Multiple Vulnerabilities

Background BIND Berkeley Internet Name Domain is a Name Server. Description Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. Impact A remote attacker can cause a denial of service condition by the lack of GeoIP databases, or vi...

7.8CVSS8.9AI score0.65683EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/06/01 12:0 a.m.47 views

D-Bus, GLib: Privilege escalation

Background D-Bus is a daemon providing a framework for applications to communicate with one another. GLib is a library providing a number of GNOME’s core objects and functions. Description When libdbus is used in a setuid program, a user can gain escalated privileges by leveraging the...

6.9CVSS6.1AI score0.04514EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2014/05/17 12:0 a.m.47 views

Rack: Multiple vulnerabilities

Background Rack is a modular Ruby web server interface. Description Multiple vulnerabilities have been discovered in Rack. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a...

5.1CVSS7.7AI score0.05281EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/05/17 12:0 a.m.47 views

ImageMagick: Multiple vulnerabilities

Background ImageMagick is a collection of tools and libraries for manipulating various image formats. Description Multiple vulnerabilities have been discovered in ImageMagick. Please review the CVE identifiers referenced below for details. Note that CVE-2012-1185 and CVE-2012-1186 were issued due...

8.8CVSS8.9AI score0.29677EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2014/01/21 12:0 a.m.47 views

Cacti: Multiple vulnerabilities

Background Cacti is a complete network graphing solution designed to harness the power of RRDTool’s data storage and graphing functionality. Description Multiple vulnerabilities have been discovered in Cacti. Please review the CVE identifiers referenced below for details. Impact A remote attacker...

7.5CVSS9.7AI score0.04309EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2013/12/03 12:0 a.m.47 views

BusyBox: Multiple vulnerabilities

Background BusyBox is set of tools for embedded systems and is a replacement for GNU Coreutils. Description Multiple vulnerabilities have been discovered in BusyBox. Please review the CVE identifiers referenced below for details. Impact A remote attacker could send a specially crafted DHCP reques...

7.5CVSS9.5AI score0.05422EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2013/12/03 12:0 a.m.47 views

OpenSSL: Multiple Vulnerabilities

Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 as well as a general purpose cryptography library. Description Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced...

7.5CVSS7.9AI score0.48298EPSS
Exploits12
Gentoo Linux
Gentoo Linux
added 2013/09/27 12:0 a.m.47 views

Squid: Multiple vulnerabilities

Background Squid is a full-featured web proxy cache. Description Multiple vulnerabilities have been discovered in Squid. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to bypass ACL restrictions or cause a Denial of Service condition. Workarou...

7.8CVSS9.2AI score0.80451EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2012/10/21 12:0 a.m.47 views

Chromium: Multiple vulnerabilities

Background Chromium is an open source web browser project. Description Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details. Impact A remote attacker could entice a user to open a specially crafted web site usi...

10CVSS9.7AI score0.04641EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2012/03/06 12:0 a.m.47 views

sudo: Privilege escalation

Background sudo allows a system administrator to give users the ability to run commands as other users. Description Two vulnerabilities have been discovered in sudo: When the sudoers file is configured with a Runas group, sudo does not prompt for a password when changing to the new group...

7.2CVSS8.3AI score0.02992EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2012/02/29 12:0 a.m.47 views

libxml2: User-assisted execution of arbitrary code

Background libxml2 is the XML C parser and toolkit developed for the Gnome project. Description The "xmlStringLenDecodeEntities" function in parser.c contains a boundary error which could possibly cause a heap-based buffer overflow. Impact A remote attacker could entice a user to open a specially...

7.5CVSS8.8AI score0.02399EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2011/10/26 12:0 a.m.47 views

Pure-FTPd: Multiple vulnerabilities

Background Pure-FTPd is a fast, production-quality and standards-compliant FTP server. Description Multiple vulnerabilities have been discovered in Pure-FTPd. Please review the CVE identifiers referenced below for details. Impact Remote unauthenticated attackers may be able to inject FTP commands...

5.8CVSS2.9AI score0.33341EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2009/03/30 12:0 a.m.47 views

gedit: Untrusted search path

Background gedit is a text editor for the GNOME desktop. Description James Vega reported that gedit uses the current working directory when searching for python modules, a vulnerability related to CVE-2008-5983. Impact A local attacker could entice a user to open gedit from a specially crafted...

6.9CVSS9.4AI score0.00624EPSS
Exploits3
Total number of security vulnerabilities3816