Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2020/03/15 12:0 a.m.155 views

ICU: Integer overflow

Background ICU is a mature, widely used set of C/C++ and Java libraries providing Unicode and Globalization support for software applications. Description It was discovered that ICU’s UnicodeString::doAppend function is vulnerable to an integer overflow. Please review the CVE identifiers referenc...

8.8CVSS9.3AI score0.02669EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/03/15 12:0 a.m.155 views

runC: Multiple vulnerabilities

Background RunC is a CLI tool for spawning and running containers according to the OCI specification. Description Multiple vulnerabilities have been discovered in runC. Please review the CVE identifiers referenced below for details. Impact An attacker, by running a malicious Docker image, could...

9.3CVSS3.1AI score0.9857EPSS
Exploits34
Gentoo Linux
Gentoo Linux
added 2018/11/27 12:0 a.m.155 views

Binutils: Multiple vulnerabilities

Background The GNU Binutils are a collection of tools to create, modify and analyse binary files. Many of the files use BFD, the Binary File Descriptor library, to do low-level manipulation. Description Multiple vulnerabilities have been discovered in Binutils. Please review the referenced CVE...

7.8CVSS2.9AI score0.02455EPSS
Exploits18
Gentoo Linux
Gentoo Linux
added 2006/08/06 12:0 a.m.155 views

Webmin, Usermin: File Disclosure

Background Webmin is a web-based interface for Unix-like systems. Usermin is a simplified version of Webmin designed for use by normal users rather than system administrators. Description A vulnerability in both Webmin and Usermin has been discovered by Kenny Chen, wherein simplifypath is called...

5CVSS9AI score0.77953EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2020/03/15 12:0 a.m.154 views

SQLite: Multiple vulnerabilities

Background SQLite is a C library that implements an SQL database engine. Description Multiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the...

8.8CVSS9.2AI score0.04253EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/03/15 12:0 a.m.151 views

PPP: Buffer overflow

Background PPP is a Unix implementation of the Point-to-Point Protocol. Description It was discovered that bounds check in PPP for the rhostname was improperly constructed in the EAP request and response functions. Impact A remote attacker, by sending specially crafted authentication data, could...

9.8CVSS5.1AI score0.19431EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2021/07/11 12:0 a.m.150 views

OpenEXR: Multiple vulnerabilities

Background OpenEXR is a high dynamic-range HDR image file format developed by Industrial Light & Magic for use in computer imaging applications. Description Multiple vulnerabilities have been discovered in OpenEXR. Please review the CVE identifiers referenced below for details. Impact Please revi...

5.5CVSS7.1AI score0.01848EPSS
Exploits8
Gentoo Linux
Gentoo Linux
added 2020/03/15 12:0 a.m.150 views

WebkitGTK+: Multiple vulnerabilities

Background WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Description Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the...

9.3CVSS3AI score0.09543EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2018/11/27 12:0 a.m.150 views

Libav: Multiple vulnerabilities

Background Libav is a complete solution to record, convert and stream audio and video. Description Multiple vulnerabilities have been discovered in Libav. Please review the CVE identifiers referenced below for details. Impact A remote attacker, via a crafted Smacker stream, could cause a Denial o...

9.8CVSS3.9AI score0.0301EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2005/04/12 12:0 a.m.150 views

Axel: Vulnerability in HTTP redirection handling

Background Axel is a console-based FTP/HTTP download accelerator. Description A possible buffer overflow has been reported in the HTTP redirection handling code in conn.c. Impact A remote attacker could exploit this vulnerability by setting up a malicious site and enticing a user to connect to it...

7.5CVSS7.2AI score0.03442EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/03/28 12:0 a.m.149 views

Chromium: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Description Multiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the referenced CVE identifiers and Google Chrom...

9.3CVSS2.1AI score0.61537EPSS
Exploits13
Gentoo Linux
Gentoo Linux
added 2019/03/10 12:0 a.m.149 views

systemd: Multiple vulnerabilities

Background A system and service manager. Description Multiple vulnerabilities have been discovered in systemd. Please review the CVE identifiers referenced below for details. Impact An attacker could cause a Denial of Service condition or possibly execute arbitrary code. Workaround There is no...

7.8CVSS3.9AI score0.02958EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2020/03/15 12:0 a.m.148 views

libvirt: Multiple vulnerabilities

Background libvirt is a C toolkit for manipulating virtual machines. Description Multiple vulnerabilities have been discovered in libvirt. Please review the CVE identifiers referenced below for details. Impact A local privileged attacker could execute arbitrary commands, escalate privileges or...

8.8CVSS3.8AI score0.00549EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/03/14 12:0 a.m.148 views

WebkitGTK+: Multiple vulnerabilities

Background WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Description Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the...

8.8CVSS2.5AI score0.09755EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2019/03/14 12:0 a.m.148 views

GNU C Library: Arbitrary descriptor allocation

Background The GNU C library is the standard C library used by Gentoo Linux systems. Description A vulnerability was discovered in the GNU C Library functions xdrbytes and xdrstring. Impact A remote attacker, by sending a crafted UDP packet, could cause a Denial of Service condition. Workaround...

7.5CVSS2.4AI score0.05532EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2017/07/09 12:0 a.m.146 views

MAN DB: Privilege escalation

Background MAN DB is a man replacement that utilizes BerkelyDB instead of flat files. Description The /var/cache/man directory as part of the MAN DB package has group permissions set to root. Impact A local user who does not belong to the root group, but has the ability to modify the /var/cache/m...

7.8CVSS7.4AI score0.01047EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2020/03/15 12:0 a.m.142 views

Python: Multiple vulnerabilities

Background Python is an interpreted, interactive, object-oriented programming language. Description Multiple vulnerabilities have been discovered in Python. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly perform a CRLF injection attack,...

9.8CVSS2.8AI score0.20743EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2019/10/25 12:0 a.m.142 views

PHP: Arbitrary code execution

Background PHP is an open source general-purpose scripting language that is especially suited for web development. Description A underflow in envpathinfo in PHP-FPM under certain configurations can be exploited to gain remote code execution. Impact A remote attacker, by sending special crafted HT...

9.8CVSS2.3AI score0.9947EPSS
Exploits54
Gentoo Linux
Gentoo Linux
added 2019/09/06 12:0 a.m.142 views

Apache: Multiple vulnerabilities

Background The Apache HTTP server is one of the most popular web servers on the Internet. Description Multiple vulnerabilities have been discovered in Apache. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaroun...

9.1CVSS2AI score0.81466EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2019/03/28 12:0 a.m.141 views

GD: Multiple vulnerabilities

Background GD is a graphic library for fast image creation. Description Multiple vulnerabilities have been discovered in GD. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to process a specially crafted image, possibly resulting in...

9.8CVSS4.1AI score0.65116EPSS
Exploits8
Gentoo Linux
Gentoo Linux
added 2017/01/11 12:0 a.m.141 views

NGINX: Privilege escalation

Background nginx is a robust, small, and high performance HTTP and reverse proxy server. Description It was discovered that Gentoo’s default NGINX installation applied similar problematic permissions on “/var/log/nginx” as Debian DSA-3701 and is therefore vulnerable to the same attack described i...

7.8CVSS7.7AI score0.04863EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2021/07/17 12:0 a.m.140 views

Apache Commons FileUpload: Multiple vulnerabilities

Background The Apache Commons FileUpload package makes it easy to add robust, high-performance, file upload capability to your servlets and web applications. Description Multiple vulnerabilities have been discovered in Apache Commons FileUpload. Please review the CVE identifiers referenced below...

7.8CVSS7.9AI score0.83175EPSS
Exploits9
Gentoo Linux
Gentoo Linux
added 2019/03/28 12:0 a.m.140 views

NASM: Multiple vulnerabilities

Background NASM is a 80x86 assembler that has been created for portability and modularity. NASM supports Pentium, P6, SSE MMX, and 3DNow extensions. It also supports a wide range of objects formats ELF, a.out, COFF, etc, and has its own disassembler. Description Multiple vulnerabilities have been...

7.8CVSS2.9AI score0.02946EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2016/06/26 12:0 a.m.140 views

libssh and libssh2: Multiple vulnerabilities

Background libssh is a mulitplatform C library implementing the SSHv2 and SSHv1 protocol on client and server side. Description libssh and libssh2 both have a bits/bytes confusion bug and generate an abnormaly short ephemeral secret for the diffie-hellman-group1 and diffie-hellman-group14 key...

5.9CVSS6.7AI score0.05145EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/03/15 12:0 a.m.137 views

nfdump: Multiple vulnerabilities

Background nfdump is a toolset in order to collect and process netflow and sflow data, sent from netflow/sflow compatible devices. Description Multiple vulnerabilities have been discovered in nfdump. Please review the CVE identifiers referenced below for details. Impact A remote attacker, by...

7.8CVSS5.2AI score0.02709EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2019/03/10 12:0 a.m.136 views

Tar: Denial of service

Background The Tar program provides the ability to create and manipulate tar archives. Description The sparsedumpregion function in sparse.c file in Tar allows an infinite loop using the --sparse option. Impact A local attacker could cause a Denial of Service condition by modifying a file that is...

4.7CVSS5.2AI score0.00526EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2018/03/19 12:0 a.m.136 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

10CVSS10AI score0.89618EPSS
Exploits19
Gentoo Linux
Gentoo Linux
added 2019/03/10 12:0 a.m.135 views

GNU Wget: Password and metadata leak

Background GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the most widely-used Internet protocols. Description A vulnerability was discovered in GNU Wget’s filemetadata in xattr.c. Impact A local attacker could obtain sensitive information to include...

7.8CVSS8.6AI score0.00659EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2018/11/27 12:0 a.m.135 views

spice-gtk: Remote code execution

Background spice-gtk is a set of GObject and Gtk objects for connecting to Spice servers and a client GUI. Description A vulnerability was found in spice-gtk client due to the incorrect use of integer types and missing overflow checks. Impact An attacker, by enticing the user to join a malicious...

10CVSS4.9AI score0.05544EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/11/27 12:0 a.m.135 views

Tablib: Arbitrary command execution

Background Tablib is an MIT Licensed format-agnostic tabular dataset library, written in Python. It allows you to import, export, and manipulate tabular data sets. Description A vulnerability was discovered in Tablib’s Databook loading functionality, due to improper input validation. Impact A...

9.8CVSS9.1AI score0.0487EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2021/07/12 12:0 a.m.134 views

Xen: Multiple vulnerabilities

Background Xen is a bare-metal hypervisor. Description Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...

8.8CVSS7.7AI score0.01428EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/10 12:0 a.m.134 views

Binutils: Multiple vulnerabilities

Background The GNU Binutils are a collection of tools to create, modify and analyse binary files. Many of the files use BFD, the Binary File Descriptor library, to do low-level manipulation. Description Multiple vulnerabilities have been discovered in Binutils. Please review the CVE identifiers...

7.8CVSS7.1AI score0.01976EPSS
Exploits14
Gentoo Linux
Gentoo Linux
added 2021/05/26 12:0 a.m.134 views

OpenVPN: Authentication bypass

Background OpenVPN is a multi-platform, full-featured SSL VPN solution. Description It was discovered that OpenVPN incorrectly handled deferred authentication. Impact A remote attacker could bypass authentication and access control channel data and trigger further information leaks. Workaround...

7.5CVSS2.4AI score0.05107EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/11/26 12:0 a.m.133 views

MuPDF: Multiple vulnerabilities

Background A lightweight PDF, XPS, and E-book viewer. Description Multiple vulnerabilities have been discovered in MuPDF. Please review the CVE identifiers referenced below for details. Impact A remote attacker, by enticing a user to process a specially crafted file, could possibly execute...

7.8CVSS4.1AI score0.02733EPSS
Exploits11
Gentoo Linux
Gentoo Linux
added 2021/05/26 12:0 a.m.132 views

MySQL: Multiple vulnerabilities

Background MySQL is a popular multi-threaded, multi-user SQL server. Description Multiple vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. Impact An attacker could possibly execute arbitrary code with the privileges of the process,...

8.1CVSS8.4AI score0.10093EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2019/03/10 12:0 a.m.132 views

rdesktop: Multiple vulnerabilities

Background rdesktop is a Remote Desktop Protocol RDP Client. Description Multiple vulnerabilities have been discovered in rdesktop. Please review the CVE identifiers referenced below for details. Impact A remote attacker could cause a Denial of Service condition, obtain sensitive information, or...

9.8CVSS3.7AI score0.08214EPSS
Exploits9
Gentoo Linux
Gentoo Linux
added 2023/10/03 12:0 a.m.131 views

NVIDIA Drivers: Multiple Vulnerabilities

Background NVIDIA Drivers are NVIDIA's accelerated graphics driver. Description Multiple vulnerabilities have been discovered in NVIDIA Drivers. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

9.9CVSS7.4AI score0.01777EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/16 12:0 a.m.131 views

Apache Commons Collections: Remote code execution

Background Apache Commons Collections extends the JCF classes with new interfaces, implementations and utilities. Description Some classes in the Apache Commons Collections functor package deserialized potentially untrusted input by default. Impact Deserializing untrusted input using Apache Commo...

9.8CVSS5.7AI score0.17741EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2021/07/03 12:0 a.m.131 views

Background Graphviz is an open source graph visualization software. Description Multiple vulnerabilities have been discovered in Graphviz. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to process a specially crafted file using Graphvi...

7.8CVSS4.2AI score0.027EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2019/04/02 12:0 a.m.131 views

Mozilla Thunderbird and Firefox: Multiple vulnerabilities

Background Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Mozilla Firefox is a popular open-source web browser from the Mozilla Project. Description Multiple vulnerabilities have been discovered in Mozilla Thunderbird and Firefox. Please review the referenced...

10CVSS2.7AI score0.29514EPSS
Exploits25
Gentoo Linux
Gentoo Linux
added 2021/07/06 12:0 a.m.130 views

glibc: Multiple vulnerabilities

Background glibc is a package that contains the GNU C library. Description Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details. Impact An attacker could cause a possible Denial of Service condition. Workaround There is no known...

9.8CVSS7.8AI score0.03538EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2017/07/08 12:0 a.m.130 views

OpenSLP: Multiple vulnerabilities

Background OpenSLP is an open-source implementation of Service Location Protocol SLP. Description Multiple vulnerabilities have been discovered in OpenSLP. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly cause a Denial of Service condition o...

9.8CVSS8.2AI score0.17223EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2016/12/07 12:0 a.m.130 views

OpenSSH: Multiple vulnerabilities

Background OpenSSH is a complete SSH protocol implementation that includes SFTP client and server support. Description Multiple vulnerabilities have been discovered in OpenSSH. Please review the CVE identifiers referenced below for details. Impact Remote attackers could cause Denial of Service an...

9.8CVSS7.9AI score0.88944EPSS
Exploits25
Gentoo Linux
Gentoo Linux
added 2014/05/11 12:0 a.m.130 views

OpenSSH: Multiple vulnerabilities

Background OpenSSH is a complete SSH protocol implementation that includes an SFTP client and server support. Description Multiple vulnerabilities have been discovered in OpenSSH. Please review the CVE identifiers referenced below for details. Impact A remote attacker could execute arbitrary code...

7.5CVSS7.5AI score0.1651EPSS
Exploits7
Gentoo Linux
Gentoo Linux
added 2022/08/14 12:0 a.m.129 views

Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Microsoft Edge is a browser that combines a minimal design with...

9.6CVSS2.6AI score0.64701EPSS
Exploits72
Gentoo Linux
Gentoo Linux
added 2020/03/15 12:0 a.m.129 views

Git: Multiple vulnerabilities

Background Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Description Multiple vulnerabilities have been discovered in Git. Please review the CVE identifiers referenced below for details...

9.8CVSS2AI score0.34007EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/03/15 12:0 a.m.129 views

cURL: Multiple vulnerabilities

Background A command line tool and library for transferring data with URLs. Description Multiple vulnerabilities have been discovered in cURL. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the...

9.8CVSS3.5AI score0.49739EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2020/03/14 12:0 a.m.128 views

sudo: Multiple vulnerabilities

Background sudo su “do” allows a system administrator to delegate authority to give certain users or groups of users the ability to run some or all commands as root or another user while providing an audit trail of the commands and their arguments. Description Multiple vulnerabilities have been...

9CVSS9.3AI score0.63917EPSS
Exploits21
Gentoo Linux
Gentoo Linux
added 2019/09/08 12:0 a.m.128 views

Simple DirectMedia Layer: Multiple vulnerabilities

Background Simple DirectMedia Layer is a cross-platform development library designed to provide low level access to audio, keyboard, mouse, joystick, and graphics hardware via OpenGL and Direct3D. Description Multiple vulnerabilities have been discovered in Simple DirectMedia Layer. Please review...

8.8CVSS4.8AI score0.03299EPSS
Exploits11
Gentoo Linux
Gentoo Linux
added 2019/04/02 12:0 a.m.128 views

GlusterFS: Multiple Vulnerabilities

Background A free and open source software scalable network filesystem. Description Multiple vulnerabilities have been discovered in GlusterFS. Please review the referenced CVE identifiers for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

8.8CVSS2.4AI score0.05374EPSS
Exploits1
Total number of security vulnerabilities3816