Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2011/10/26 12:0 a.m.47 views

Pure-FTPd: Multiple vulnerabilities

Background Pure-FTPd is a fast, production-quality and standards-compliant FTP server. Description Multiple vulnerabilities have been discovered in Pure-FTPd. Please review the CVE identifiers referenced below for details. Impact Remote unauthenticated attackers may be able to inject FTP commands...

5.8CVSS2.9AI score0.33341EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2009/03/30 12:0 a.m.47 views

gedit: Untrusted search path

Background gedit is a text editor for the GNOME desktop. Description James Vega reported that gedit uses the current working directory when searching for python modules, a vulnerability related to CVE-2008-5983. Impact A local attacker could entice a user to open gedit from a specially crafted...

6.9CVSS9.4AI score0.00624EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2008/12/21 12:0 a.m.47 views

phpCollab: Multiple vulnerabilities

Background phpCollab is a web-enabled groupware and project management software written in PHP. It uses SQL-based database backends. Description Multiple vulnerabilities have been found in phpCollab: rgod reported that data sent to general/sendpassword.php via the loginForm parameter is not...

10CVSS8.4AI score0.06164EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2008/07/31 12:0 a.m.47 views

VLC: Multiple vulnerabilities

Background VLC is a cross-platform media player and streaming server. Description Remi Denis-Courmont reported that VLC loads plugins from the current working directory in an unsafe manner CVE-2008-2147. Alin Rad Pop Secunia Research reported an integer overflow error in the Open function in the...

9.3CVSS7.1AI score0.05879EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2008/02/06 12:0 a.m.47 views

Doomsday: Multiple vulnerabilities

Background The Doomsday Engine deng is a modern gaming engine for popular ID games like Doom, Heretic and Hexen. Description Luigi Auriemma discovered multiple buffer overflows in the DNetPlayerEvent function, the MsgWrite function and the NetSvReadCommands function. He also discovered errors whe...

10CVSS7.6AI score0.16309EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2007/06/11 12:0 a.m.47 views

MadWifi: Multiple vulnerabilities

Background The MadWifi driver provides support for Atheros based IEEE 802.11 Wireless Lan cards. Description Md Sohail Ahmad from AirTight Networks has discovered a divison by zero in the athbeaconconfig function CVE-2007-2830. The vendor has corrected an input validation error in the...

10CVSS7AI score0.03461EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2007/03/09 12:0 a.m.47 views

Smb4K: Multiple vulnerabilities

Background Smb4K is a SMB/CIFS Windows share browser for KDE. Description Kees Cook of the Ubuntu Security Team has identified multiple vulnerabilities in Smb4K. The writeFile function of smb4k/core/smb4kfileio.cpp makes insecure usage of temporary files. The writeFile function also stores the...

4.4CVSS6.5AI score0.0039EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2006/07/09 12:0 a.m.47 views

libTIFF: Multiple buffer overflows

Background libTIFF provides support for reading and manipulating TIFF images. Description A buffer overflow has been found in the t2pwritepdfstring function in tiff2pdf, which can been triggered with a TIFF file containing a DocumentName tag with UTF-8 characters. An additional buffer overflow ha...

7.5CVSS7AI score0.14415EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2006/04/28 12:0 a.m.47 views

Mozilla Suite: Multiple vulnerabilities

Background The Mozilla Suite is a popular all-in-one web browser that includes a mail and news reader. Description Several vulnerabilities were found in Mozilla Suite. Version 1.7.13 was released to fix them. Impact A remote attacker could craft malicious web pages or emails that would leverage...

10CVSS7.4AI score0.12589EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2006/02/18 12:0 a.m.47 views

GnuPG: Incorrect signature verification

Background GnuPG The GNU Privacy Guard is a free replacement for PGP Pretty Good Privacy. As GnuPG does not rely on any patented algorithms, it can be used without any restrictions. gpgv is the OpenPGP signature verification tool provided by the GnuPG system. Description Tavis Ormandy of the Gent...

4.6CVSS6.8AI score0.01327EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2005/12/07 12:0 a.m.47 views

Perl: Format string errors can lead to code execution

Background Perl is a stable, cross-platform programming language created by Larry Wall. It contains printf functions that allows construction of strings from format specifiers and parameters, like the C printf functions. A well-known class of vulnerabilities, called format string errors, result o...

4.6CVSS6.9AI score0.01374EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2005/05/15 12:0 a.m.47 views

Mozilla Suite, Mozilla Firefox: Remote compromise

Background The Mozilla Suite is a popular all-in-one web browser that includes a mail and news reader. Mozilla Firefox is the next-generation browser from the Mozilla project. Description The Mozilla Suite and Firefox do not properly protect "IFRAME" JavaScript URLs from being executed in context...

5.1CVSS7.5AI score0.16697EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2005/04/22 12:0 a.m.47 views

Kommander: Insecure remote script execution

Background KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. Kommander is a visual dialog editor and interpreter for KDE applications, part of the kdewebdev package. Description Kommander executes data files from possibly untrusted locations without us...

7.5CVSS7.3AI score0.0298EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2005/01/11 12:0 a.m.47 views

Konqueror: Java sandbox vulnerabilities

Background KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. Konqueror is the KDE web browser and file manager. Description Konqueror contains two errors that allow JavaScript scripts and Java applets to have access to restricted Java classes. Impact A...

5CVSS2.7AI score0.0413EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/12/07 12:0 a.m.47 views

Perl: Insecure temporary file creation

Background Perl is a stable, cross-platform programming language created by Larry Wall. Description Some Perl modules create temporary files in world-writable directories with predictable names. Impact A local attacker could create symbolic links in the temporary files directory, pointing to a...

2.1CVSS6.1AI score0.00427EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/09/14 12:0 a.m.47 views

cdrtools: Local root vulnerability in cdrecord if set SUID root

Background The cdrtools package is a set of tools for CD recording, including the popular cdrecord command-line utility. Description Max Vozeler discovered that the cdrecord utility, when set to SUID root, fails to drop root privileges before executing a user-supplied RSH program. By default,...

7.2CVSS6.1AI score0.01725EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2004/07/22 12:0 a.m.47 views

Linux Kernel: Multiple DoS and permission vulnerabilities

Background The Linux kernel is responsible for managing the core aspects of a GNU/Linux system, providing an interface for core system applications as well as providing the essential structure and capability to access hardware that is needed for a running system. Description The Linux kernel allo...

7.2CVSS6.8AI score0.00801EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2004/07/09 12:0 a.m.47 views

Ethereal: Multiple security problems

Background Ethereal is a feature rich network protocol analyzer. Description There are multiple vulnerabilities in versions of Ethereal earlier than 0.10.5, including: In some cases the iSNS dissector could cause Ethereal to abort. If there was no policy name for a handle for SMB SID snooping it...

5CVSS7.4AI score0.17961EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2004/06/25 12:0 a.m.47 views

FreeS/WAN, Openswan, strongSwan: Vulnerabilities in certificate handling

Background FreeS/WAN, Openswan, strongSwan and Super-FreeS/WAN are Open Source implementations of IPsec for the Linux operating system. They are all based on the discontinued FreeS/WAN project. Description All these IPsec implementations have several bugs in the verifyx509cert function, which...

10CVSS6.3AI score0.02832EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/05/20 12:0 a.m.47 views

CVS heap overflow vulnerability

Background CVS Concurrent Versions System is an open-source network-transparent version control system. It contains both a client utility and a server. Description Stefan Esser discovered a heap overflow in the CVS server, which can be triggered by sending malicious "Entry" lines and manipulating...

7.5CVSS7.4AI score0.67525EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2004/05/14 12:0 a.m.47 views

libpng denial of service vulnerability

Background libpng is a standard library used to process PNG Portable Network Graphics images. Description libpng provides two functions pngchunkerror and pngchunkwarning for default error and warning messages handling. These functions do not perform proper bounds checking on the provided message,...

5CVSS7.4AI score0.04107EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/04/24 12:0 a.m.47 views

ipsec-tools and iputils contain a remote DoS vulnerability

Background From http://ipsec-tools.sourceforge.n et/ "IPsec-Tools is a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation." iputils is a collection of network monitoring tools, including racoon, ping and ping6. Description When racoon receives an ISAKMP header, it allocates memo...

5CVSS6.3AI score0.02851EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2004/02/17 12:0 a.m.47 views

Updated kernel packages fix the AMD64 ptrace vulnerability

Background Description A vulnerability has been discovered by Andi Kleen in the ptrace emulation code for AMD64 platforms when eflags are processed, allowing a local user to obtain elevated priveleges. The Common Vulnerabilities and Exposures project, http://cve.mitre.org, has assigned...

7.2CVSS6.2AI score0.00436EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/09/28 12:0 a.m.46 views

nginx: Multiple Vulnerabilities

Background nginx is a robust, small, and high performance HTTP and reverse proxy server. Description Multiple vulnerabilities have been discovered in nginx. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround...

7.5CVSS7.6AI score0.01061EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/05/08 12:0 a.m.46 views

NVIDIA Drivers: Multiple Vulnerabilities

Background NVIDIA Drivers are NVIDIA's accelerated graphics driver. Description Multiple vulnerabilities have been discovered in NVIDIA Drivers. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

7.8CVSS7.6AI score0.00228EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/02/19 12:0 a.m.46 views

Samba: Multiple Vulnerabilities

Background Samba is a suite of SMB and CIFS client/server programs. Description Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

9.8CVSS7.7AI score0.62606EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2024/02/18 12:0 a.m.46 views

Apache Log4j: Multiple Vulnerabilities

Background Log4j is a Java logging framework that supports various use cases with a rich set of components, a separate API, and a performance-optimized implementation. Description Multiple vulnerabilities hav been discovered in Apache Log4j. Please review the CVE identifiers referenced below for...

9.8CVSS7.5AI score0.6906EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2024/01/31 12:0 a.m.46 views

WebKitGTK+: Multiple Vulnerabilities

Background WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Description Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE...

8.8CVSS7.7AI score0.29179EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2024/01/22 12:0 a.m.46 views

Apache XML-RPC: Multiple Vulnerabilities

Background Apache XML-RPC previously known as Helma XML-RPC is a Java implementation of XML-RPC, a popular protocol that uses XML over HTTP to implement remote procedure calls. Description Multiple vulnerabilities have been discovered in Apache XML-RPC. Please review the CVE identifiers reference...

9.8CVSS7.7AI score0.49285EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2023/12/28 12:0 a.m.46 views

OpenSSH: Multiple Vulnerabilities

Background OpenSSH is a free application suite consisting of server and clients that replace tools like telnet, rlogin, rcp and ftp with more secure versions offering additional functionality. Description Multiple vulnerabilities have been discovered in OpenSSH. Please review the CVE identifiers...

6.5CVSS7.7AI score0.93305EPSS
Exploits12
Gentoo Linux
Gentoo Linux
added 2023/10/30 12:0 a.m.47 views

UnZip: Multiple Vulnerabilities

Background Info-ZIP’s UnZip is a tool to list and extract files inside PKZIP compressed files. Description Multiple vulnerabilities have been discovered in UnZip. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

5.5CVSS6.7AI score0.02421EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2023/05/30 12:0 a.m.46 views

LibTIFF: Multiple Vulnerabilities

Background LibTIFF provides support for reading and manipulating TIFF Tagged Image File Format images. Description Multiple vulnerabilities have been discovered in LibTIFF. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

6.8CVSS7.4AI score0.00461EPSS
Exploits11
Gentoo Linux
Gentoo Linux
added 2023/05/21 12:0 a.m.46 views

snakeyaml: Multiple Vulnerabilities

Background snakeyaml is a YAML 1.1 parser and emitter for Java. Description Multiple vulnerabilities have been discovered in snakeyaml. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

7.5CVSS7.4AI score0.26723EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2023/05/03 12:0 a.m.46 views

Lua: Multiple Vulnerabilities

Background Lua is a powerful, efficient, lightweight, embeddable scripting language. It supports procedural programming, object-oriented programming, functional programming, data-driven programming, and data description. Description Multiple vulnerabilities have been discovered in Lua. Please...

9.1CVSS8AI score0.11572EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2022/08/10 12:0 a.m.46 views

LibRaw: Stack buffer overread

Background LibRaw is a library for reading RAW files obtained from digital photo cameras. Description LibRaw incorrectly handles parsing DNG fields in some cases, potentially resulting in a buffer overread leading to denial of service. Impact An attacker capable of providing crafted input to LibR...

8.8CVSS2.7AI score0.01625EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/05/26 12:0 a.m.46 views

Tcpreplay: Multiple vulnerabilities

Background Tcpreplay is a suite of utilities for UNIX systems for editing and replaying network traffic which was previously captured by tools like tcpdump and ethereal/wireshark. Description Multiple vulnerabilities have been discovered in Tcpreplay. Please review the CVE identifiers referenced...

7.5CVSS2.5AI score0.02531EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2021/04/30 12:0 a.m.46 views

libTIFF: Multiple vulnerabilities

Background The TIFF library contains encoding and decoding routines for the Tag Image File Format. It is called by numerous programs, including GNOME and KDE applications, to interpret TIFF images. Description Multiple vulnerabilities have been discovered in LibTIFF. Please review the referenced...

7.8CVSS8.3AI score0.01922EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/01/12 12:0 a.m.46 views

VirtualBox: Multiple vulnerabilities

Background VirtualBox is a powerful virtualization product from Oracle. Description Multiple vulnerabilities have been discovered in VirtualBox. Please review the CVE identifiers referenced below for details. Impact An attacker could take control of VirtualBox resulting in the execution of...

8.8CVSS4.2AI score0.0262EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/12/23 12:0 a.m.46 views

PowerDNS: information disclosure

Background The PowerDNS nameserver is an authoritative-only nameserver which uses a flexible backend architecture. Description It was discovered that PowerDNS did not properly handle certain unknown records. Impact An authorized attacker with the ability to insert crafted records into a zone migh...

4.3CVSS3.3AI score0.02592EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/12/07 12:0 a.m.46 views

SeaMonkey: Multiple vulnerabilities

Background The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as “Mozilla Application Suite”. Description Multiple vulnerabilities have been discovered in SeaMonkey. Please review referenced release notes for more...

7.7AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/11/11 12:0 a.m.46 views

Mozilla Firefox: Remote code execution

Background Mozilla Firefox is a popular open-source web browser from the Mozilla project. Description Invalid assumptions when emitting the the MCallGetProperty opcode in the JavaScript JIT may result in a use-after-free condition. Impact A remote attacker could possibly execute arbitrary code wi...

9.3CVSS3.3AI score0.42327EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2020/11/03 12:0 a.m.46 views

BlueZ: Arbitrary code execution

Background Set of tools to manage Bluetooth devices for Linux. Description It was discovered that there was a double-free vulnerability in Bluez after the service discovery which occurs after a Bluetoth Low Energy BLE connection has been established to a device. Impact A remote attacker, by...

8.6CVSS5.2AI score0.04242EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/09/13 12:0 a.m.46 views

GStreamer RTSP Server: Denial of service

Background RTSP server library based on GStreamer. Description It was discovered that GStreamer RTSP Server did not properly handle authentication. Impact A remote attacker, by sending specially crafted authentication requests, could possibly cause a Denial of Service condition. Workaround There ...

7.5CVSS2.8AI score0.02872EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/08/30 12:0 a.m.46 views

OpenJDK: Multiple vulnerabilities

Background OpenJDK is a free and open-source implementation of the Java Platform, Standard Edition. Description Multiple vulnerabilities have been discovered in OpenJDK. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

8.3CVSS2.5AI score0.05166EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/08/25 12:0 a.m.46 views

Chromium, Google Chrome: Heap buffer overflow

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Description A buffer overflow has been discovered in Chromium and Google...

9.3CVSS9.2AI score0.03291EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/03/07 12:0 a.m.46 views

Groovy: Arbitrary code execution

Background A multi-faceted language for the Java platform Description It was discovered that there was a vulnerability within the Java serialization/deserialization process. Impact An attacker, by crafting a special serialized object, could execute arbitrary code. Workaround There is no known...

9.8CVSS4.1AI score0.17239EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2017/12/14 12:0 a.m.46 views

cURL: Multiple vulnerabilities

Background A command line tool and library for transferring data with URLs. Description Multiple vulnerabilities have been discovered in cURL. Please review the CVE identifiers referenced below for details. Impact Remote attackers could cause a Denial of Service condition, disclose sensitive...

9.8CVSS9.5AI score0.11175EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/11/11 12:0 a.m.46 views

Cacti: Multiple vulnerabilities

Background Cacti is a complete frontend to rrdtool. Description Multiple vulnerabilities have been discovered in Cacti. Please review the CVE identifiers referenced below for details. Impact Remote attackers could execute arbitrary code or bypass intended access restrictions. Workaround There is ...

9.8CVSS9.5AI score0.02921EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/03/28 12:0 a.m.46 views

cURL: Certificate validation error

Background cURL is a tool and libcurl is a library for transferring data with URL syntax. Description cURL and applications linked against libcurl support “OCSP stapling”, also known as the TLS Certificate Status Request extension using the CURLOPTSSLVERIFYSTATUS option. When telling cURL to use...

6.5CVSS5.7AI score0.01391EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/02/20 12:0 a.m.46 views

Mozilla Firefox: Multiple vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla Project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code wi...

9.8CVSS9.5AI score0.33199EPSS
Exploits16
Total number of security vulnerabilities3816