Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
•added 2016/12/07 12:0 a.m.•46 views

PECL HTTP: Remote execution of arbitrary code

Background This HTTP extension aims to provide a convenient and powerful set of functionality for one of PHPs major applications. Description A buffer overflow can be triggered in the URL parsing functions of the PECL HTTP extension. This allows overflowing a buffer with data originating from an...

9.8CVSS3.1AI score0.04701EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2016/11/22 12:0 a.m.•46 views

Chromium: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Description Multiple vulnerabilities have been discovered in the Chromium web browser. Please review the CVE identifiers referenced below for details...

9.1CVSS1.4AI score0.01561EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2016/11/04 12:0 a.m.•46 views

LibreOffice, OpenOffice: Multiple vulnerabilities

Background LibreOffice is a powerful office suite; its clean interface and powerful tools let you unleash your creativity and grow your productivity. Apache OpenOffice is the leading open-source office software suite for word processing, spreadsheets, presentations, graphics, databases and more...

7.8CVSS8.7AI score0.13826EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2016/11/04 12:0 a.m.•46 views

Oracle JRE/JDK: Multiple vulnerabilities

Background Java Platform, Standard Edition Java SE lets you develop and deploy Java applications on desktops and servers, as well as in today’s demanding embedded environments. Java offers the rich user interface, performance, versatility, portability, and security that today’s applications...

9.6CVSS9.1AI score0.05437EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2016/11/01 12:0 a.m.•46 views

UnZip: Multiple vulnerabilities

Background Info-ZIP’s UnZip is a tool to list and extract files inside PKZIP compressed files. Description Multiple vulnerabilities were found in UnZip. Please review the referenced CVE’s for additional information. Impact Remote attackers could execute arbitrary code or cause Denial of Service...

7.8CVSS8.9AI score0.11562EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2015/09/25 12:0 a.m.•46 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

10CVSS7.8AI score0.45511EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2015/07/07 12:0 a.m.•46 views

LibVNCServer: Multiple vulnerabilities

Background LibVNCServer is a cross-platform C library that allows you to easily implement VNC server functionality in your program. Description Multiple vulnerabilities have been discovered in LibVNCServer. Please review the CVE identifiers referenced below for details. Impact A remote attacker m...

7.5CVSS9.8AI score0.08272EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2015/07/06 12:0 a.m.•46 views

Tor: Denial of service

Background Tor is an implementation of second generation Onion Routing, a connection-oriented anonymizing communication service. Description Tor does not handle data correctly when specifically crafted data is sent, and also fails to properly verify a descriptor provided by a hidden service...

7.5CVSS7.3AI score0.01384EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2015/06/21 12:0 a.m.•46 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

10CVSS7.9AI score0.96079EPSS
Exploits6
Gentoo Linux
Gentoo Linux
•added 2015/03/22 12:0 a.m.•46 views

Chromium: Multiple vulnerabilities

Background Chromium is an open-source web browser project. Description Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to cause a Denial of Service condition, bypass security...

7.5CVSS7AI score0.02565EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2014/12/26 12:0 a.m.•46 views

TORQUE Resource Manager: Multiple vulnerabilities

Background TORQUE is a resource manager and queuing system based on OpenPBS. Description Multiple vulnerabilities have been discovered in TORQUE Resource Manager. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker may be able to gain escalated...

10CVSS7.5AI score0.17461EPSS
Exploits6
Gentoo Linux
Gentoo Linux
•added 2014/12/26 12:0 a.m.•46 views

FLAC: User-assisted execution of arbitrary code

Background The Free Lossless Audio Codec FLAC library is the reference implementation of the FLAC audio file format. Description A stack-based buffer overflow flaw has been discovered in FLAC. Impact A remote attacker could entice a user to open a specially crafted .flac file using an application...

7.5CVSS7.3AI score0.0986EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2014/12/12 12:0 a.m.•46 views

AMD64 x86 emulation base libraries: Multiple vulnerabilities

Background AMD64 x86 emulation base libraries provides pre-compiled 32-bit libraries. Description Multiple vulnerabilities have been discovered in AMD64 x86 emulation base libraries. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker may be able to...

9.8CVSS9AI score0.99999EPSS
Exploits107
Gentoo Linux
Gentoo Linux
•added 2014/11/21 12:0 a.m.•46 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

10CVSS7.8AI score0.90208EPSS
Exploits10
Gentoo Linux
Gentoo Linux
•added 2014/06/29 12:0 a.m.•46 views

Wireshark: Multiple vulnerabilities

Background Wireshark is a network protocol analyzer formerly known as ethereal. Description Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact A remote attacker can cause arbitrary code execution or a Denial of Servic...

9.3CVSS7.6AI score0.47422EPSS
Exploits14
Gentoo Linux
Gentoo Linux
•added 2014/01/21 12:0 a.m.•46 views

Active Record: SQL injection

Background Active Record is a Ruby gem that allows database entries to be manipulated as objects. Description An Active Record method parameter can mistakenly be used as a scope. Impact A remote attacker could use specially crafted input to execute arbitrary SQL statements. Workaround The...

7.5CVSS7.4AI score0.04458EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2013/12/16 12:0 a.m.•46 views

Wireshark: Multiple vulnerabilities

Background Wireshark is a versatile network protocol analyzer. Description Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process ...

5CVSS7.3AI score0.0284EPSS
Exploits3
Gentoo Linux
Gentoo Linux
•added 2013/12/10 12:0 a.m.•46 views

WebP: User-assisted execution of arbitrary code

Background WebP is a lossy image compression format. Description An integer overflow flaw has been found in WebP. Impact A remote attacker could entice a user to open a specially crafted image in an application linked against WebP, possibly resulting in execution of arbitrary code with the...

7.5CVSS7.1AI score0.01087EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2013/01/09 12:0 a.m.•46 views

bzip2: User-assisted execution of arbitrary code

Background bzip2 is a high-quality data compressor used extensively by Gentoo Linux. Description An integer overflow vulnerability has been discovered in bzip2. Please review the CVE identifier referenced below for details. Impact A remote attacker could entice a user to open a specially crafted...

5.1CVSS6.7AI score0.03297EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2012/09/24 12:0 a.m.•46 views

LibreOffice: Multiple vulnerabilities

Background LibreOffice is a full office productivity suite. Description Multiple vulnerabilities have been found in LibreOffice: The Microsoft Word Document parser contains an out-of-bounds read error CVE-2011-2713. The Raptor RDF parser contains an XML External Entity expansion error...

7.5CVSS7.9AI score0.13734EPSS
Exploits3
Gentoo Linux
Gentoo Linux
•added 2011/11/20 12:0 a.m.•46 views

GNU Tar: User-assisted execution of arbitrary code

Background GNU Tar is a utility to create archives as well as add and extract files from archives. Description GNU Tar is vulnerable to a boundary error in the rmtread function in lib/rtapelib.c, which could cause a heap-based buffer overflow. Impact A remote attacker could entice the user to loa...

6.8CVSS7.9AI score0.04747EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2010/06/04 12:0 a.m.•46 views

Asterisk: Multiple vulnerabilities

Background Asterisk is an open source telephony engine and toolkit. Description Multiple vulnerabilities have been reported in Asterisk: Nick Baggott reported that Asterisk does not properly process overly long ASCII strings in various packets CVE-2009-2726. Noam Rathaus and Blake Cornell reporte...

7.8CVSS9.7AI score0.13355EPSS
Exploits3
Gentoo Linux
Gentoo Linux
•added 2009/01/11 12:0 a.m.•46 views

pdnsd: Denial of Service and cache poisoning

Background pdnsd is a proxy DNS server with permanent caching that is designed to cope with unreachable DNS servers. Description Two issues have been reported in pdnsd: The pexecquery function in src/dnsquery.c does not properly handle many entries in the answer section of a DNS reply, related to...

6.8CVSS7.2AI score0.95182EPSS
Exploits20
Gentoo Linux
Gentoo Linux
•added 2008/09/04 12:0 a.m.•46 views

MySQL: Privilege bypass

Background MySQL is a popular multi-threaded, multi-user SQL server. Description Sergei Golubchik reported that MySQL imposes no restrictions on the specification of "DATA DIRECTORY" or "INDEX DIRECTORY" in SQL "CREATE TABLE" statements. Impact An authenticated remote attacker could create MyISAM...

4.6CVSS6.8AI score0.02588EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2008/06/03 12:0 a.m.•46 views

libxslt: Execution of arbitrary code

Background Libxslt is the XSLT C library developed for the GNOME project. XSLT itself is an XML language to define transformations for XML. Description Anthony de Almeida Lopes reported a vulnerability in libxslt when handling XSL style-sheet files, which could be exploited to trigger the use of...

7.5CVSS7AI score0.1279EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2008/04/23 12:0 a.m.•46 views

VLC: User-assisted execution of arbitrary code

Background VLC is a cross-platform media player and streaming server. Description Multiple vulnerabilities were found in VLC: Luigi Auriemma discovered that the stack-based buffer overflow when reading subtitles, which has been reported as CVE-2007-6681 in GLSA 200803-13, was not properly fixed...

7.5CVSS7.8AI score0.17358EPSS
Exploits15
Gentoo Linux
Gentoo Linux
•added 2008/04/14 12:0 a.m.•46 views

Opera: Multiple vulnerabilities

Background Opera is a fast web browser that is available free of charge. Description Michal Zalewski reported two vulnerabilities, memory corruption when adding news feed sources from a website CVE-2008-1761 as well as when processing HTML CANVAS elements to use scaled images CVE-2008-1762...

9.3CVSS7.5AI score0.07595EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2008/02/26 12:0 a.m.•46 views

xine-lib: User-assisted execution of arbitrary code

Background xine-lib is the core library package for the xine media player. Description Damian Frizza and Alfredo Ortega Core Security Technologies discovered a stack-based buffer overflow within the openflacfile function in the file demuxflac.c when parsing tags within a FLAC file CVE-2008-0486. ...

7.5CVSS7.3AI score0.14637EPSS
Exploits3
Gentoo Linux
Gentoo Linux
•added 2007/09/27 12:0 a.m.•46 views

teTeX: Multiple buffer overflows

Background teTeX is a complete TeX distribution for editing documents. Description Mark Richters discovered a buffer overflow in the opensty function in file mkind.c. Other vulnerabilities have also been discovered in the same file but might not be exploitable CVE-2007-0650. Tetex also includes...

6.8CVSS7.9AI score0.08565EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2007/08/16 12:0 a.m.•46 views

MySQL: Denial of Service and information leakage

Background MySQL is a popular multi-threaded, multi-user SQL server. Description Dormando reported a vulnerability within the handling of password packets in the connection protocol CVE-2007-3780. Andrei Elkin also found that the "CREATE TABLE LIKE" command didn't require SELECT privileges on the...

5CVSS6.8AI score0.14051EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2007/05/17 12:0 a.m.•46 views

PhpWiki: Remote execution of arbitrary code

Background PhpWiki is an open source content management system written in PHP. Description Harold Hallikainen has reported that the Upload page fails to properly check the extension of a file. Impact A remote attacker could upload a specially crafted PHP file to the vulnerable server, resulting i...

7.5CVSS6.9AI score0.03279EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2007/05/02 12:0 a.m.•46 views

Apache mod_perl: Denial of service

Background Modperl is an Apache module that embeds the Perl interpreter within the server, allowing Perl-based web-applications to be created. Description Alex Solvey discovered that the "pathinfo" variable used in file RegistryCooker.pm modperl 2.x or file PerlRun.pm modperl 1.x, is not properly...

5CVSS6.4AI score0.10111EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2007/03/20 12:0 a.m.•46 views

WordPress: Multiple vulnerabilities

Background WordPress is a popular personal publishing platform with a web interface. Description WordPress contains cross-site scripting or cross-site scripting forgery vulnerabilities reported by: g30rg3x in the "year" parameter of the wptitle function Alexander Concha in the "demo" parameter of...

6.8CVSS6.5AI score0.07315EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2007/01/22 12:0 a.m.•46 views

Adobe Acrobat Reader: Multiple vulnerabilities

Background Adobe Acrobat Reader is a PDF reader released by Adobe. Description Adobe Acrobat Reader in stand-alone mode is vulnerable to remote code execution via heap corruption when loading a specially crafted PDF file. The browser plugin released with Adobe Acrobat Reader nppdf.so does not...

9.3CVSS7.4AI score0.55677EPSS
Exploits5
Gentoo Linux
Gentoo Linux
•added 2006/06/07 12:0 a.m.•46 views

Dia: Format string vulnerabilities

Background Dia is a GTK+ based diagram creation program. Description KaDaL-X discovered a format string error within the handling of filenames. Hans de Goede also discovered several other format string errors in the processing of dia files. Impact By enticing a user to open a specially crafted...

7.5CVSS7.4AI score0.07628EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2006/05/30 12:0 a.m.•46 views

libTIFF: Multiple vulnerabilities

Background libTIFF provides support for reading and manipulating TIFF images. Description Multiple vulnerabilities, ranging from integer overflows and NULL pointer dereferences to double frees, were reported in libTIFF. Impact An attacker could exploit these vulnerabilities by enticing a user to...

6.5CVSS7.1AI score0.10524EPSS
Exploits3
Gentoo Linux
Gentoo Linux
•added 2006/03/04 12:0 a.m.•46 views

teTeX, pTeX, CSTeX: Multiple overflows in included XPdf code

Background teTex is a complete TeX distribution. It is used for creating and manipulating LaTeX documents. CSTeX is a TeX distribution with Czech and Slovak support. pTeX is and ASCII publishing TeX distribution. Description CSTeX, teTex, and pTeX include XPdf code to handle PDF files. This XPdf...

5.1CVSS7.2AI score0.04082EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2006/01/16 12:0 a.m.•46 views

Sun and Blackdown Java: Applet privilege escalation

Background Sun and Blackdown both provide implementations of the Java Development Kit JDK and Java Runtime Environment JRE. Description Adam Gowdiak discovered multiple vulnerabilities in the Java Runtime Environment's Reflection APIs that may allow untrusted applets to elevate privileges. Impact...

7.5CVSS6.9AI score0.05168EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2005/10/12 12:0 a.m.•46 views

OpenSSL: SSL 2.0 protocol rollback

Background OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Description Applications setting the SSLOPMSIESSLV2RSAPADDING option or the SSLOPALL option, that implies it can be forced by a third-party to...

5CVSS5.8AI score0.04866EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2005/03/12 12:0 a.m.•46 views

Ethereal: Multiple vulnerabilities

Background Ethereal is a feature rich network protocol analyzer. Description There are multiple vulnerabilities in versions of Ethereal earlier than 0.10.10, including: The Etheric, 3GPP2 A11 and IAPP dissectors are vulnerable to buffer overflows CAN-2005-0704, CAN-2005-0699 and CAN-2005-0739. Th...

7.5CVSS7.4AI score0.07606EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2004/10/13 12:0 a.m.•46 views

tiff: Buffer overflows in image decoding

Background The tiff library contains encoding and decoding routines for the Tag Image File Format. It is called by numerous programs, including GNOME and KDE, to help in displaying TIFF images. xv is a multi-format image manipulation utility that is statically linked to the tiff library...

7.5CVSS7AI score0.08268EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2004/09/06 12:0 a.m.•46 views

MIT krb5: Multiple vulnerabilities

Background MIT krb5 is the free implementation of the Kerberos network authentication protocol by the Massachusetts Institute of Technology. Description The implementation of the Key Distribution Center KDC and the MIT krb5 library contain double-free vulnerabilities, making client programs as we...

9.8CVSS7.6AI score0.08257EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2004/08/19 12:0 a.m.•46 views

courier-imap: Remote Format String Vulnerability

Background Courier-IMAP is an IMAP server which is part of the Courier mail system. It provides access only to maildirs. Description There is a format string vulnerability in the authdebug function which can be exploited remotely, potentially leading to arbitrary code execution as the user runnin...

7.5CVSS7.7AI score0.10906EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2004/05/11 12:0 a.m.•46 views

OpenOffice.org vulnerability when using DAV servers

Background OpenOffice.org is an office productivity suite, including word processing, spreadsheets, presentations, drawings, data charting, formula editing, and file conversion facilities. Description OpenOffice.org includes code from the Neon library in functions related to publication on WebDAV...

6.8CVSS7.4AI score0.11056EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2024/05/07 12:0 a.m.•45 views

Xpdf: Multiple Vulnerabilities

Background Xpdf is an X viewer for PDF files. Description Multiple vulnerabilities have been discovered in Xpdf. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...

7.8CVSS7.7AI score0.02057EPSS
Exploits4
Gentoo Linux
Gentoo Linux
•added 2024/01/31 12:0 a.m.•45 views

containerd: Multiple Vulnerabilities

Background containerd is a daemon with an API and a command line client, to manage containers on one machine. It uses runC to run containers according to the OCI specification. Description Multiple vulnerabilities have been discovered in containerd. Please review the CVE identifiers referenced...

7.8CVSS7.8AI score0.27392EPSS
Exploits6
Gentoo Linux
Gentoo Linux
•added 2024/01/24 12:0 a.m.•45 views

Ruby: Multiple vulnerabilities

Background Ruby is an interpreted scripting language for quick and easy object-oriented programming. It comes bundled with a HTTP server "WEBrick". Description Multiple vulnerabilities have been discovered in Ruby. Please review the CVE identifiers referenced below for details. Impact Please revi...

9.8CVSS7.5AI score0.04766EPSS
Exploits6
Gentoo Linux
Gentoo Linux
•added 2023/12/28 12:0 a.m.•45 views

OpenSSH: Multiple Vulnerabilities

Background OpenSSH is a free application suite consisting of server and clients that replace tools like telnet, rlogin, rcp and ftp with more secure versions offering additional functionality. Description Multiple vulnerabilities have been discovered in OpenSSH. Please review the CVE identifiers...

6.5CVSS7.7AI score0.93305EPSS
Exploits12
Gentoo Linux
Gentoo Linux
•added 2023/12/22 12:0 a.m.•45 views

Arduino: Remote Code Execution

Background Arduino is an open-source AVR electronics prototyping platform. Description A vulnerability has been discovered in Arduino. Please review the CVE identifier referenced below for details. Impact Arduino bundles a vulnerable version of log4j that may lead to remote code execution...

7.5CVSS8.1AI score0.81147EPSS
Exploits9
Gentoo Linux
Gentoo Linux
•added 2023/11/24 12:0 a.m.•45 views

SQLite: Multiple Vulnerabilities

Background SQLite is a C library that implements an SQL database engine. Description Multiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no kno...

7.5CVSS7.9AI score0.0216EPSS
Exploits2
Total number of security vulnerabilities3816