Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
•added 2015/12/17 12:0 a.m.•42 views

Dnsmasq: Denial of service

Background Dnsmasq is a lightweight, easy to configure DNS forwarder and DHCP server. Description An out-of-bounds read vulnerability has been found in the tcprequest function in Dnsmasq. Impact A remote attacker could send a specially crafted DNS request, possibly resulting in a Denial of Servic...

6.4CVSS9AI score0.04456EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2015/09/24 12:0 a.m.•42 views

NetworkManager: Denial of service

Background NetworkManager is an universal network configuration daemon for laptops, desktops, servers and virtualization hosts. Description IPv6 Neighbour Discovery ICMP broadcast containing a non-route with a low hop limit causes a Denial of Service by lowering the hop limit on existing IPv6...

3.3CVSS6.3AI score0.01204EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2015/04/11 12:0 a.m.•42 views

MySQL and MariaDB: Multiple vulnerabilities

Background MySQL is a popular multi-threaded, multi-user SQL server. MariaDB is an enhanced, drop-in replacement for MySQL. Description Multiple vulnerabilities have been discovered in MySQL and MariaDB. Please review the CVE identifiers referenced below for details. Impact A remote attacker coul...

7.5CVSS8.4AI score0.10066EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2014/12/24 12:0 a.m.•42 views

NTP: Multiple vulnerabilities

Background NTP is a protocol designed to synchronize the clocks of computers over a network. The net-misc/ntp package contains the official reference implementation by the NTP Project. Description Multiple vulnerabilities have been discovered in NTP. Please review the CVE identifiers referenced...

7.5CVSS8.2AI score0.7809EPSS
Exploits4
Gentoo Linux
Gentoo Linux
•added 2014/12/24 12:0 a.m.•42 views

RSYSLOG: Denial of service

Background RSYSLOG is an enhanced multi-threaded syslogd with database support and more. Description Multiple vulnerabilities have been discovered in RSYSLOG. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker may be able to create a Denial of...

7.5CVSS8.5AI score0.07546EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2014/12/12 12:0 a.m.•42 views

AMD64 x86 emulation base libraries: Multiple vulnerabilities

Background AMD64 x86 emulation base libraries provides pre-compiled 32-bit libraries. Description Multiple vulnerabilities have been discovered in AMD64 x86 emulation base libraries. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker may be able to...

9.8CVSS9AI score0.99999EPSS
Exploits107
Gentoo Linux
Gentoo Linux
•added 2014/05/18 12:0 a.m.•42 views

Apache Portable Runtime, APR Utility Library: Denial of service

Background The Apache Portable Runtime aka APR provides a set of APIs for creating platform-independent applications. The Apache Portable Runtime Utility Library aka APR-Util provides an interface to functionality such as XML parsing, string matching and database connections. Description Multiple...

5CVSS9.2AI score0.43346EPSS
Exploits5
Gentoo Linux
Gentoo Linux
•added 2014/05/17 12:0 a.m.•42 views

Ruby OpenID: Denial of service

Background Ruby OpenID is a robust library for verifying and serving OpenID identities. Description An XML entity parsing error has been discovered in Ruby OpenID. Impact A remote attacker could send a specially crafted XML file, possibly resulting in a Denial of Service condition. Workaround The...

4.3CVSS9.1AI score0.02132EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2014/01/29 12:0 a.m.•42 views

BIND: Denial of service

Background BIND is the Berkeley Internet Name Domain Server. Description Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to cause a Denial of Service condition. Workaround There is no known...

7.8CVSS8.3AI score0.42851EPSS
Exploits5
Gentoo Linux
Gentoo Linux
•added 2014/01/19 12:0 a.m.•42 views

Perl, Locale Maketext Perl module: Multiple vulnerabilities

Background Perl is Larry Wall’s Practical Extraction and Report Language. Locale::Maketext is a Perl module - framework for localization. Description Multiple vulnerabilities have been discovered in Perl and Locale::Maketext Perl module. Please review the CVE identifiers referenced below for...

7.5CVSS9.2AI score0.04877EPSS
Exploits3
Gentoo Linux
Gentoo Linux
•added 2013/11/07 12:0 a.m.•42 views

Quassel: Multiple Vulnerabilities

Background Quassel is a Qt4/KDE4 IRC client suppporting a remote daemon for 24/7 connectivity. Description Two vulnerabilities have been found in Quassel: Quassel does not properly handle multiple CTCP requests CVE-2010-3443. Quassel, when used with certain versions of Qt and PostgreSQL, does not...

6.8CVSS8.4AI score0.0211EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2013/08/21 12:0 a.m.•42 views

PuTTY: Multiple Vulnerabilities

Background PuTTY is a telnet and SSH client. Description Multiple vulnerabilities have been discovered in PuTTY. Please review the CVE identifiers referenced below for details. Impact An attacker could entice a user to open connection to specially crafted SSH server, possibly resulting in executi...

6.8CVSS7.3AI score0.03447EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2012/06/24 12:0 a.m.•42 views

RPM: Multiple vulnerabilities

Background The Red Hat Package Manager RPM is a command line driven package management system capable of installing, uninstalling, verifying, querying, and updating computer software packages. Description Multiple vulnerabilities have been found in RPM: fsm.c fails to properly strip setuid and...

9.3CVSS9.2AI score0.06042EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2012/06/23 12:0 a.m.•42 views

GnuTLS: Multiple vulnerabilities

Background GnuTLS is an Open Source implementation of the TLS 1.2 and SSL 3.0 protocols. Description Multiple vulnerabilities have been found in GnuTLS: An error in libgnutls does not properly sanitize "\0" characters from certificate fields CVE-2009-2730. An error in the TLS and SSL protocols...

7.5CVSS9.1AI score0.87264EPSS
Exploits15
Gentoo Linux
Gentoo Linux
•added 2012/04/09 12:0 a.m.•42 views

VirtualBox: Multiple vulnerabilities

Background VirtualBox is a powerful virtualization product from Oracle. Description Multiple unspecified vulnerabilities have been discovered in VirtualBox. Please review the CVE identifiers referenced below for details. Impact A local attacker may be able to gain escalated privileges via unknown...

6.8CVSS6.8AI score0.00432EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2011/11/20 12:0 a.m.•42 views

TinTin++: Multiple vulnerabilities

Background TinTin++ is a free MUD gaming client. Description Multiple vulnerabilities have been discovered in TinTin++. Please review the CVE identifiers referenced below for details. Impact Remote unauthenticated attackers may be able to execute arbitrary code with the privileges of the TinTin++...

10CVSS7.8AI score0.15564EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2011/10/26 12:0 a.m.•43 views

libxml2: Multiple vulnerabilities

Background libxml2 is the XML C parser and toolkit developed for the Gnome project. Description Multiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details. Impact A local or remote attacker may be able to execute arbitrary code with th...

9.3CVSS8.6AI score0.13727EPSS
Exploits3
Gentoo Linux
Gentoo Linux
•added 2011/10/24 12:0 a.m.•42 views

Clam AntiVirus: Multiple vulnerabilities

Background Clam AntiVirus short: ClamAV is an anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. Description Multiple vulnerabilities have been discovered in Clam AntiVirus. Please review the CVE identifiers referenced below for details. Impact An unauthenticat...

9.3CVSS7.4AI score0.06533EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2011/10/21 12:0 a.m.•42 views

D-Bus: Multiple vulnerabilities

Background D-Bus is a message bus system, a simple way for applications to talk to each other. Description Multiple vulnerabilities have been discovered in D-Bus. Please review the CVE identifiers referenced below for details. Impact The vulnerabilities allow for local Denial of Service daemon...

4.6CVSS6.8AI score0.0058EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2011/10/10 12:0 a.m.•42 views

Dovecot: Multiple vulnerabilities

Background Dovecot is an IMAP and POP3 server written with security primarily in mind. Description Multiple vulnerabilities have been discovered in Dovecot. Please review the CVE identifiers referenced below for details. Impact A remote attacker could exploit these vulnerabilities to cause the...

7.5CVSS7.2AI score0.0404EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2010/01/13 12:0 a.m.•42 views

VirtualBox: Multiple vulnerabilities

Background The VirtualBox family provides powerful x86 virtualization products. Description Thomas Biege of SUSE discovered multiple vulnerabilities: A shell metacharacter injection in popen CVE-2009-3692 and a possible buffer overflow in strncpy in the VBoxNetAdpCtl configuration tool. An...

7.2CVSS7AI score0.00729EPSS
Exploits6
Gentoo Linux
Gentoo Linux
•added 2009/11/25 12:0 a.m.•42 views

Wireshark: Multiple vulnerabilities

Background Wireshark is a versatile network protocol analyzer. Description Multiple vulnerabilities have been discovered in Wireshark: Ryan Giobbi reported an integer overflow in wiretap/erf.c CVE-2009-3829. The vendor reported multiple unspecified vulnerabilities in the Bluetooth L2CAP, RADIUS,...

9.3CVSS7.8AI score0.09698EPSS
Exploits5
Gentoo Linux
Gentoo Linux
•added 2009/03/09 12:0 a.m.•42 views

WebSVN: Multiple vulnerabilities

Background WebSVN is a web-based browsing tool for Subversion repositories written in PHP. Description James Bercegay of GulfTech Security reported a Cross-site scripting XSS vulnerability in the getParameterisedSelfUrl function in index.php CVE-2008-5918 and a directory traversal vulnerability i...

6.8CVSS6.2AI score0.06315EPSS
Exploits3
Gentoo Linux
Gentoo Linux
•added 2009/01/11 12:0 a.m.•42 views

NDISwrapper: Arbitrary remote code execution

Background NDISwrapper is a Linux kernel module that enables the use of Microsoft Windows drivers for wireless network devices. Description Anders Kaseorg reported multiple buffer overflows related to long ESSIDs. Impact A physically proximate attacker could send packets over a wireless network...

8.3CVSS6.9AI score0.02403EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2008/12/24 12:0 a.m.•42 views

VLC: Multiple vulnerabilities

Background VLC is a cross-platform media player and streaming server. Description Tobias Klein reported the following vulnerabilities: A stack-based buffer overflow when processing CUE image files in modules/access/vcd/cdrom.c CVE-2008-5032. A stack-based buffer overflow when processing RealText...

9.3CVSS7.3AI score0.41444EPSS
Exploits12
Gentoo Linux
Gentoo Linux
•added 2008/10/09 12:0 a.m.•42 views

Portage: Untrusted search path local root vulnerability

Background Portage is Gentoo's package manager which is responsible for installing, compiling and updating all packages on the system through the Gentoo rsync tree. Description The Gentoo Security Team discovered that several ebuilds, such as sys-apps/portage, net-mail/fetchmail or app-editors/le...

6.9CVSS6.8AI score0.00338EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2008/08/11 12:0 a.m.•42 views

UUDeview: Insecure temporary file creation

Background UUdeview is encoder and decoder supporting various binary formats. NZBGet is a command-line based binary newsgrabber supporting .nzb files. Description UUdeview makes insecure usage of the tempnam function when creating temporary files. NZBGet includes a copy of the vulnerable code...

4.4CVSS6.3AI score0.00322EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2008/05/29 12:0 a.m.•42 views

MPlayer: User-assisted execution of arbitrary code

Background MPlayer is a media player including support for a wide range of audio and video formats. Description ksOSe reported an integer overflow vulnerability in the sdpplinparse function in the file stream/realrtsp/sdpplin.c, which can be exploited to overwrite arbitrary memory regions via an...

10CVSS7.2AI score0.16802EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2008/05/14 12:0 a.m.•42 views

OpenOffice.org: Multiple vulnerabilities

Background OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities. Description iDefense Labs reported multiple vulnerabilities in OpenOffice.org: multiple heap-based...

9.3CVSS8.7AI score0.57015EPSS
Exploits10
Gentoo Linux
Gentoo Linux
•added 2008/05/09 12:0 a.m.•42 views

InspIRCd: Denial of service

Background InspIRCd Inspire IRCd is a modular C++ IRC daemon. Description The "namesx" and "uhnames" modules do not properly validate network input, leading to a buffer overflow. Impact A remote attacker can send specially crafted IRC commands to the server, causing a Denial of Service. Workaroun...

5CVSS6.6AI score0.02276EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2008/05/05 12:0 a.m.•43 views

phpMyAdmin: Information disclosure

Background phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL databases from a web-browser. Description Cezary Tomczak reported that an undefined UploadDir variable exposes an information disclosure vulnerability when running on shared hosts. Impact A remote attack...

3.5CVSS6.1AI score0.01626EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2008/04/02 12:0 a.m.•42 views

bzip2: Denial of service

Background bzip2 is a free and open source lossless data compression program. Description The Oulu University discovered that bzip2 does not properly check offsets provided by the bzip2 file, leading to a buffer overread. Impact Remote attackers can entice a user or automated system to open a...

4.3CVSS6.7AI score0.04519EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2008/03/10 12:0 a.m.•42 views

Cacti: Multiple vulnerabilities

Background Cacti is a web-based network graphing and reporting tool. Description The following inputs are not properly sanitized before being processed: "viewtype" parameter in the file graph.php, "filter" parameter in the file graphview.php, "action" and "loginusername" parameters in the file...

7.5CVSS6.9AI score0.05246EPSS
Exploits3
Gentoo Linux
Gentoo Linux
•added 2008/02/11 12:0 a.m.•42 views

Gallery: Multiple vulnerabilities

Background Gallery is a web-based application for creating and viewing photo albums. Description The Gallery developement team reported and fixed critical vulnerabilities during an internal audit CVE-2007-6685, CVE-2007-6686, CVE-2007-6687, CVE-2007-6688, CVE-2007-6689, CVE-2007-6690,...

10CVSS7AI score0.02162EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2007/12/09 12:0 a.m.•42 views

Firebird: Multiple buffer overflows

Background Firebird is a multi-platfrom, open source relational database. Description Adriano Lima and Ramon de Carvalho Valle reported that functions iscattachdatabase and isccreatedatabase do not perform proper boundary checking when processing their input. Impact A remote attacker could send...

10CVSS7AI score0.07691EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2007/11/08 12:0 a.m.•42 views

3proxy: Denial of service

Background 3proxy is a really tiny cross-platform proxy servers set, including HTTP, HTTPS, FTP, SOCKS and POP3 support. Description 3proxy contains a double free vulnerability in the ftpprchild function, which frees param-hostname and calls the parsehostname function, which in turn attempts to...

5CVSS6.4AI score0.02079EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2007/11/07 12:0 a.m.•42 views

libpng: Multiple Denials of Service

Background libpng is a free ANSI C library used to process and manipulate PNG images. Description An off-by-one error when handling ICC profile chunks in the pngsetiCCP function was discovered CVE-2007-5266. George Cook and Jeff Phillips reported several errors in pngrtran.c, the use of logical...

5CVSS7.1AI score0.04769EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2007/11/06 12:0 a.m.•42 views

SiteBar: Multiple issues

Background SiteBar is a PHP application that allows users to store their bookmarks on a web server. Description Tim Brown discovered these multiple issues: the translation module does not properly sanitize the value to the "dir" parameter CVE-2007-5491, CVE-2007-5694; the translation module also...

9CVSS7AI score0.07563EPSS
Exploits5
Gentoo Linux
Gentoo Linux
•added 2007/10/30 12:0 a.m.•42 views

Opera: Multiple vulnerabilities

Background Opera is a multi-platform web browser. Description Michael A. Puls II discovered an unspecified flaw when launching external email or newsgroup clients CVE-2007-5541. David Bloom discovered that when displaying frames from different websites, the same-origin policy is not correctly...

9.3CVSS7.2AI score0.04543EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2007/10/07 12:0 a.m.•42 views

OpenSSL: Multiple vulnerabilities

Background OpenSSL is an implementation of the Secure Socket Layer and Transport Layer Security protocols. Description Moritz Jodeit reported an off-by-one error in the SSLgetsharedciphers function, resulting from an incomplete fix of CVE-2006-3738. A flaw has also been reported in the...

10CVSS8.9AI score0.48575EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2007/05/01 12:0 a.m.•42 views

FreeType: User-assisted execution of arbitrary code

Background FreeType is a True Type Font rendering library. Description Greg MacManus of iDefense Labs has discovered an integer overflow in the function bdfReadCharacters when parsing BDF fonts. Impact A remote attacker could entice a user to use a specially crafted BDF font, possibly resulting i...

8.5CVSS7.1AI score0.05586EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2007/04/22 12:0 a.m.•42 views

Aircrack-ng: Remote execution of arbitrary code

Background Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. Description Jonathan So reported that the airodump-ng module does not correctly check the size of 802.11 authentication packets before copying them into a...

10CVSS7.5AI score0.19353EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2007/04/16 12:0 a.m.•42 views

Inkscape: Two format string vulnerabilities

Background Inkscape is a vector graphics editor, using Scalable Vector Graphics SVG Format. Description Kees Cook has discovered two vulnerabilities in Inkscape. The application does not properly handle format string specifiers in some dialog boxes. Inkscape is also vulnerable to another format...

6.8CVSS7.1AI score0.03364EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2007/03/30 12:0 a.m.•42 views

file: Integer underflow

Background file is a utility that guesses a file format by scanning binary data for patterns. Description Jean-Sebastien Guay-Leroux reported an integer underflow in fileprintf function. Impact A remote attacker could entice a user to run the "file" program on a specially crafted file that would...

9.3CVSS9.7AI score0.12226EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2007/01/12 12:0 a.m.•42 views

KDE kfile JPEG info plugin: Denial of service

Background The KDE kfile-info JPEG plugin provides meta-information about JPEG files. Description Marcus Meissner of the SUSE security team discovered a stack overflow vulnerability in the code processing EXIF information in the kfile JPEG info plugin. Impact A remote attacker could entice a user...

5CVSS6.5AI score0.02145EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2006/12/14 12:0 a.m.•42 views

GNU Radius: Format string vulnerability

Background GNU Radius is a GNU version of Radius, a server for remote user authentication and accounting. Description A format string vulnerability was found in the sqllog function from the SQL accounting code for radiusd. That function is only used if one or more of the "postgresql", "mysql" or...

10CVSS7.9AI score0.04997EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2006/11/10 12:0 a.m.•42 views

Netkit FTP Server: Privilege escalation

Background net-ftp/netkit-ftpd is the Linux Netkit FTP server with optional SSL support. Description Paul Szabo reported that an incorrect seteuid call after the chdir function can allow an attacker to access a normally forbidden directory, in some very particular circumstances, for example when...

4.6CVSS6.4AI score0.00368EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2006/10/30 12:0 a.m.•42 views

Asterisk: Multiple vulnerabilities

Background Asterisk is an open source implementation of a telephone private branch exchange PBX. Description Asterisk contains buffer overflows in channels/chanmgcp.c from the MGCP driver and in channels/chanskinny.c from the Skinny channel driver for Cisco SCCP phones. It also dangerously handle...

7.8CVSS7.3AI score0.84962EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2006/09/26 12:0 a.m.•42 views

Tikiwiki: Arbitrary command execution

Background Tikiwiki is a web-based groupware and content management system, developed with PHP, ADOdb and Smarty. Description A vulnerability in jhot.php allows for an unrestricted file upload to the img/wiki/ directory. Additionally, an XSS exists in the highlight parameter of...

7.5CVSS6.9AI score0.42596EPSS
Exploits8
Gentoo Linux
Gentoo Linux
•added 2006/06/11 12:0 a.m.•42 views

MySQL: SQL Injection

Background MySQL is a popular multi-threaded, multi-user SQL server. Description MySQL is vulnerable to an injection flaw in mysqlrealescape when used with multi-byte characters. Impact Due to a flaw in the multi-byte character process, an attacker is still able to inject arbitary SQL statements...

7.5CVSS7.4AI score0.03536EPSS
Exploits0
Total number of security vulnerabilities3816