Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2004/06/04 12:0 a.m.45 views

tripwire: Format string vulnerability

Background tripwire is an open source file integrity checker. Description The code that generates email reports contains a format string vulnerability in pipedmailmessage.cpp. Impact With a carefully crafted filename on a local filesystem an attacker could cause execution of arbitrary code with...

7.2CVSS6.7AI score0.00369EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/02/11 12:0 a.m.45 views

Gallery 1.4.1 and below remote exploit vulnerability

Background Gallery is an open source image management system written in PHP. More information is available at http://gallery.sourceforge.net Description Starting in the 1.3.1 release, Gallery includes code to simulate the behaviour of the PHP 'registerglobals' variable in environments where that...

Exploits0
Gentoo Linux
Gentoo Linux
added 2024/08/11 12:0 a.m.44 views

runc: Multiple Vulnerabilities

Background runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. Description Multiple vulnerabilities have been discovered in runc. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

8.6CVSS7.8AI score0.18087EPSS
Exploits21
Gentoo Linux
Gentoo Linux
added 2024/02/18 12:0 a.m.44 views

Exim: Multiple Vulnerabilities

Background Exim is a message transfer agent MTA designed to be a a highly configurable, drop-in replacement for sendmail. Description Multiple vulnerabilities have been discovered in Exim. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...

9.8CVSS7.4AI score0.28084EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2024/02/02 12:0 a.m.44 views

glibc: Multiple Vulnerabilities

Background glibc is a package that contains the GNU C library. Description Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workarou...

8.4CVSS7.3AI score0.04794EPSS
Exploits9
Gentoo Linux
Gentoo Linux
added 2024/01/05 12:0 a.m.45 views

WebKitGTK+: Multiple Vulnerabilities

Background WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Description Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE...

9.8CVSS7.7AI score0.23788EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2023/12/28 12:0 a.m.44 views

OpenSSH: Multiple Vulnerabilities

Background OpenSSH is a free application suite consisting of server and clients that replace tools like telnet, rlogin, rcp and ftp with more secure versions offering additional functionality. Description Multiple vulnerabilities have been discovered in OpenSSH. Please review the CVE identifiers...

6.5CVSS7.7AI score0.93305EPSS
Exploits12
Gentoo Linux
Gentoo Linux
added 2023/12/27 12:0 a.m.44 views

Git: Multiple Vulnerabilities

Background Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Description Multiple vulnerabilities have been discovered in Git. Please review the CVE identifiers referenced below for details...

9.8CVSS7.7AI score0.56334EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2023/12/22 12:0 a.m.44 views

Arduino: Remote Code Execution

Background Arduino is an open-source AVR electronics prototyping platform. Description A vulnerability has been discovered in Arduino. Please review the CVE identifier referenced below for details. Impact Arduino bundles a vulnerable version of log4j that may lead to remote code execution...

7.5CVSS8.1AI score0.81147EPSS
Exploits9
Gentoo Linux
Gentoo Linux
added 2023/11/24 12:0 a.m.44 views

SQLite: Multiple Vulnerabilities

Background SQLite is a C library that implements an SQL database engine. Description Multiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no kno...

7.5CVSS7.9AI score0.0216EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2023/09/17 12:0 a.m.44 views

RAR, UnRAR: Arbitrary File Overwrite

Background RAR and UnRAR provide command line interfaces for compressing and decompressing RAR files. Description Due to an error in the validation of symbolic links within archives, RAR and UnRAR can potentially write files to a directory which is outside of the intended unpack directory. Impact...

7.8CVSS7.9AI score0.98975EPSS
Exploits13
Gentoo Linux
Gentoo Linux
added 2023/05/03 12:0 a.m.44 views

libsdl: Multiple Vulnerabilities

Background Simple DirectMedia Layer is a cross-platform development library designed to provide low level access to audio, keyboard, mouse, joystick, and graphics hardware via OpenGL and Direct3D. Description Multiple vulnerabilities have been discovered in SDL. Please review the CVE identifiers...

8.8CVSS7.2AI score0.03299EPSS
Exploits12
Gentoo Linux
Gentoo Linux
added 2022/12/19 12:0 a.m.44 views

Mozilla Network Security Service (NSS): Multiple Vulnerabilities

Background The Mozilla Network Security Service is a library implementing security features like SSL v.2/v.3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME and X.509 certificates. Description Multiple vulnerabilities have been discovered in Mozilla Network Security Service NSS. Please review the...

9.8CVSS2.7AI score0.17563EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2022/11/22 12:0 a.m.45 views

xterm: Arbitrary Code Execution

Background xterm is a terminal emulator for the X Window system. Description xterm does not correctly handle control characters related to OSC 50 font ops sequence handling. Impact The vulnerability allows text written to the terminal to write text to the terminal's command line. If the terminal'...

9.8CVSS3.3AI score0.04949EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2022/10/31 12:0 a.m.44 views

libxml2: Multiple Vulnerabilities

Background libxml2 is the XML C parser and toolkit developed for the GNOME project. Description Multiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround The...

7.8CVSS2.5AI score0.22791EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2022/10/31 12:0 a.m.44 views

libksba: Remote Code Execution

Background Libksba is a X.509 and CMS PKCS7 library. Description An integer overflow in parsing ASN.1 objects could lead to a buffer overflow. Impact Crafted ASN.1 objects could trigger an integer overflow and buffer overflow to result in remote code execution. Workaround There is no known...

9.8CVSS6.1AI score0.01635EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2022/09/29 12:0 a.m.44 views

Poppler: Arbitrary Code Execution

Background Poppler is a PDF rendering library based on the xpdf-3.0 code base. Description Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. Impact Processing a specially crafted PDF file or JBIG2 image could lead to a crash ...

7.8CVSS8.4AI score0.75994EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2022/09/25 12:0 a.m.44 views

GRUB: Multiple Vulnerabilities

Background GNU GRUB is a multiboot boot loader used by most Linux systems. Description Multiple vulnerabilities have been discovered in GRUB. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no kno...

8.1CVSS7.1AI score0.01284EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2022/09/07 12:0 a.m.44 views

GNU Gzip, XZ Utils: Arbitrary file write

Background GNU Gzip is a popular data compression program. XZ Utils is free general-purpose data compression software with a high compression ratio. Description GNU Gzip and XZ Utils' grep helpers do not sufficiently validate certain multi-line file names. Impact In some cases, writing to arbitra...

8.8CVSS1.6AI score0.04271EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2022/08/10 12:0 a.m.44 views

mdbtools: Multiple Vulnerabilities

Background mdbtools is a set of libraries and utilities for reading Microsoft Access database MDB files. Description Multiple vulnerabilities have been discovered in mdbtools. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

7.8CVSS2.7AI score0.00431EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2022/08/04 12:0 a.m.44 views

3MF Consortium lib3mf: Remote code execution

Background lib3mf is an implementation of the 3D Manufacturing Format file standard. Description Incorrect memory handling within lib3mf could result in a use-after-free. Impact An attacker that can provide malicious input to an application using 3MF Consortium's lib3mf could achieve remote code...

8.1CVSS3.9AI score0.04339EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2021/05/26 12:0 a.m.44 views

ICU: Multiple vulnerabilities

Background ICU is a mature, widely used set of C/C++ and Java libraries providing Unicode and Globalization support for software applications. Description Multiple vulnerabilities have been discovered in ICU. Please review the upstream bugs referenced below for details. Impact Remote attackers...

4.3AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/08/08 12:0 a.m.44 views

GNU GLOBAL: Arbitrary code execution

Background GNU GLOBAL is a source code tagging system that works the same way across diverse environments, such as Emacs editor, Vi editor, Less viewer, Bash shell, various web browsers, etc. Description A vulnerability was found in an undocumented function of gozilla. Impact A remote attacker...

8.8CVSS4.4AI score0.01228EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/07/27 12:0 a.m.44 views

arpwatch: Root privilege escalation

Background The ethernet monitor program; for keeping track of ethernet/ip address pairings. Description It was discovered that Gentoo’s arpwatch ebuild made excessive permission operations on its data directories, possibly changing ownership of unintended files. This only affects OpenRC systems, ...

7.2AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/05/14 12:0 a.m.44 views

FreeRDP: Multiple vulnerabilities

Background FreeRDP is a free implementation of the Remote Desktop Protocol. Description Multiple vulnerabilities have been discovered in FreeRDP. Please review the CVE identifiers referenced below for details. Impact An attacker could possibly cause a Denial of Service condition. Workaround There...

7.5CVSS2.6AI score0.02689EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2017/09/17 12:0 a.m.44 views

GIMPS: Root privilege escalation

Background GIMPS, the Great Internet Mersenne Prime Search, is a software capable of find Mersenne Primes, which are used in cryptography. GIMPS is also used for hardware testing. Description It was discovered that Gentoo’s default GIMPS installation suffered from a privilege escalation...

7.3CVSS7.6AI score0.00268EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/02/22 12:0 a.m.44 views

GPL Ghostscript: Multiple vulnerabilities

Background Ghostscript is an interpreter for the PostScript language and for PDF. Description Multiple vulnerabilities have been discovered in GPL Ghostscript and the bundled OpenJPEG. Please review the CVE identifiers and GLSA-201612-26 OpenJPEG referenced below for additional information. Note:...

9.8CVSS3.4AI score0.23453EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/01/17 12:0 a.m.44 views

xdelta: User-assisted execution of arbitrary code

Background Xdelta is a C library and command-line tool for delta compression using VCDIFF/RFC 3284 streams. Description A buffer overflow can be triggered within xdelta when ran against a malicious input file. Impact A remote attacker could coerce the victim to run xdelta against a malicious inpu...

8.8CVSS9AI score0.04157EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/05/31 12:0 a.m.44 views

Linux-PAM: Multiple vulnerabilities

Background Linux-PAM Pluggable Authentication Modules is an architecture allowing the separation of the development of privilege granting software from the development of secure and appropriate authentication schemes. Description Multiple vulnerabilities have been discovered in Linux-PAM. Please...

6.5CVSS7.6AI score0.04121EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2016/03/06 12:0 a.m.44 views

GIMP: Multiple vulnerabilities

Background GIMP is a cross-platform image editor available for GNU/Linux, OS X, Windows and more operating systems. Description GIMP’s network server, scriptfu, is vulnerable to the remote execution of arbitrary code via the python-fu-eval command due to not requiring authentication. Additionally...

6.8CVSS8.2AI score0.04509EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/12/19 12:0 a.m.44 views

GRUB: Authentication bypass

Background GNU GRUB is a multiboot boot loader used by most Linux systems. Description An integer underflow in GRUB’s username/password authentication code has been discovered. Impact An attacker with access to the system console may bypass the username prompt by entering a sequence of backspace...

7.4CVSS8.9AI score0.01104EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2015/10/31 12:0 a.m.44 views

Django: Multiple vulnerabilities

Background Django is a Python-based web framework. Description Multiple vulnerabilities have been found in Django: Session backends create a new record anytime request.session was accessed CVE-2015-5143 Built-in validators in Django do not properly sanitize input CVE-2015-5144 URL validation...

7.8CVSS9.5AI score0.07266EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/10/31 12:0 a.m.44 views

QEMU: Arbitrary code execution

Background QEMU is a generic and open source machine emulator and virtualizer. Description Heap-based buffer overflow has been found in QEMU’s PCNET controller. Impact A remote attacker could execute arbitrary code via a specially crafted packets. Workaround There is no known workaround at this...

7.5CVSS7.1AI score0.09668EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2015/07/18 12:0 a.m.44 views

PostgreSQL: Multiple vulnerabilities

Background PostgreSQL is an open source object-relational database management system. Description Multiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the...

9.8CVSS9.2AI score0.08565EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/07/07 12:0 a.m.44 views

International Components for Unicode: Multiple vulnerabilities

Background International Components for Unicode is a set of C/C++ and Java libraries providing Unicode and Globalization support for software applications. Description Multiple vulnerabilities have been discovered in International Components for Unicode. Please review the CVE identifiers referenc...

7.5CVSS9.1AI score0.2447EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2015/03/29 12:0 a.m.44 views

BusyBox: Multiple vulnerabilities

Background BusyBox is set of tools for embedded systems and is a replacement for GNU Coreutils. Description Multiple vulnerabilities have been discovered in BusyBox. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker can load kernel modules without...

8.8CVSS8.2AI score0.05315EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2015/02/06 12:0 a.m.44 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

10CVSS7.7AI score0.8582EPSS
Exploits9
Gentoo Linux
Gentoo Linux
added 2014/12/26 12:0 a.m.44 views

FLAC: User-assisted execution of arbitrary code

Background The Free Lossless Audio Codec FLAC library is the reference implementation of the FLAC audio file format. Description A stack-based buffer overflow flaw has been discovered in FLAC. Impact A remote attacker could entice a user to open a specially crafted .flac file using an application...

7.5CVSS7.3AI score0.0986EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/12/13 12:0 a.m.44 views

GNUstep Base library: Denial of service

Background GNUstep Base library is a free software package implementing the API of the OpenStep Foundation Kit tm, including later additions. Description GNUstep Base library does not properly handle the file descriptor for logging, when run as a daemon. Impact A remote attacker could send a...

4.3CVSS6.4AI score0.0171EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/12/12 12:0 a.m.44 views

AMD64 x86 emulation base libraries: Multiple vulnerabilities

Background AMD64 x86 emulation base libraries provides pre-compiled 32-bit libraries. Description Multiple vulnerabilities have been discovered in AMD64 x86 emulation base libraries. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker may be able to...

9.8CVSS9AI score0.99999EPSS
Exploits107
Gentoo Linux
Gentoo Linux
added 2014/08/10 12:0 a.m.44 views

LibSSH: Information disclosure

Background LibSSH is a C library providing SSHv2 and SSHv1. Description A new connection inherits the state of the PRNG without re-seeding with random data. Impact Servers using ECC ECDSA or DSA certificates in non-deterministic mode may under certain conditions leak their private key. Workaround...

1.9CVSS6.3AI score0.00356EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/06/21 12:0 a.m.44 views

Mozilla Network Security Service: Multiple vulnerabilities

Background The Mozilla Network Security Service is a library implementing security features like SSL v2/v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME and X.509 certificates. Description Multiple vulnerabilities have been discovered in the Mozilla Network Security Service. Please review the CV...

7.5CVSS7.2AI score0.84424EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/05/17 12:0 a.m.44 views

Ettercap: Multiple vulnerabilities

Background Ettercap is a suite of tools for content filtering, sniffing and man in the middle attacks on a LAN. Description Multiple vulnerabilities have been discovered in Ettercap: Ettercap does not handle temporary files securely CVE-2010-3843. A format string flaw in Ettercap could cause a...

8.8CVSS8.8AI score0.01404EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/04/07 12:0 a.m.44 views

OpenAFS: Multiple vulnerabilities

Background OpenAFS is an client-server program suite for federated file sharing and replicated content distribution. Description Multiple vulnerabilities have been discovered in OpenAFS. Please review the CVE identifiers referenced below for details. Impact An attacker could potentially execute...

10CVSS7.8AI score0.06438EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2014/02/17 12:0 a.m.44 views

Xpdf: User-assisted execution of arbitrary code

Background Xpdf is an X viewer for PDF files. Description Multiple vulnerabilities have been discovered in Xpdf. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker could execute arbitrary code or cause a Denial of Service condition. Workaround Ther...

9.3CVSS8.6AI score0.03785EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/02/02 12:0 a.m.44 views

GNU libmicrohttpd: Multiple vulnerabilities

Background GNU libmicrohttpd is a small C library that is supposed to make it easy to run an HTTP server as part of another application. Description Multiple vulnerabilities have been discovered in GNU libmicrohttpd. Please review the CVE identifiers referenced below for details. Impact A remote...

6.4CVSS7.6AI score0.03277EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/02/02 12:0 a.m.44 views

NVIDIA Drivers: Privilege Escalation

Background The NVIDIA drivers provide X11 and GLX support for NVIDIA graphic boards. Description The vulnerability is caused due to the driver allowing unprivileged user-mode software to access the GPU. Impact A local attacker could gain escalated privileges. Workaround There is no known workarou...

10CVSS6.3AI score0.01797EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/01/29 12:0 a.m.44 views

BIND: Denial of service

Background BIND is the Berkeley Internet Name Domain Server. Description Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to cause a Denial of Service condition. Workaround There is no known...

7.8CVSS8.3AI score0.42851EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2014/01/29 12:0 a.m.44 views

Perl Digest-Base module: Arbitrary code execution

Background Digest-Base is a set of Perl modules that calculate message digests Description The vulnerability is caused due to the “Digest-new” function not properly sanitising input before using it in an “eval” call. Impact The vulnerability might allow an attacker to execute arbitrary code...

7.5CVSS9.5AI score0.13526EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2009/09/12 12:0 a.m.44 views

Horde: Multiple vulnerabilities

Background Horde is a web application framework written in PHP. Horde IMP, the "Internet Messaging Program", is a Webmail module and Horde Passwd is a password changing module for Horde. Description Multiple vulnerabilities have been discovered in Horde: Gunnar Wrobel reported an input sanitation...

6.4CVSS8.1AI score0.41263EPSS
Exploits11
Total number of security vulnerabilities3816