Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2024/02/03 12:0 a.m.41 views

QtGui: Multiple Vulnerabilities

Background QtGui is a module for the Qt toolkit. Description Multiple vulnerabilities have been discovered in QtGui. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this tim...

7.5CVSS7.3AI score0.0306EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2023/12/28 12:0 a.m.41 views

libssh: Multiple Vulnerabilities

Background libssh is a multiplatform C library implementing the SSHv2 protocol on client and server side. Description Multiple vulnerabilities have been discovered in libssh. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

5.9CVSS7.6AI score0.93305EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2023/10/30 12:0 a.m.41 views

Rack: Multiple Vulnerabilities

Background Rack is a modular Ruby web server interface. Description Multiple vulnerabilities have been discovered in Rack. Please review the CVE identifiers referenced below for details. Impact A possible denial of service vulnerability was found in the multipart parsing component of Rack. A...

10CVSS7.4AI score0.02056EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2022/11/22 12:0 a.m.41 views

Pillow: Multiple Vulnerabilities

Background The friendly PIL fork. Description Multiple vulnerabilities have been discovered in Pillow. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time. Resolution...

9.8CVSS3.7AI score0.03399EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2022/02/20 12:0 a.m.41 views

Chromium, Google Chrome: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one, fast, simple, and secure browser for all your devices. Description Multiple vulnerabilities have been discovered in Chromium and...

9.6CVSS2AI score0.23546EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2020/07/26 12:0 a.m.41 views

Mozilla Firefox: Multiple vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla Project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

9.3CVSS3.2AI score0.03034EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2020/06/15 12:0 a.m.41 views

OpenConnect: Multiple vulnerabilities

Background OpenConnect is a free client for Cisco AnyConnect SSL VPN software. Description Multiple vulnerabilities have been discovered in OpenConnect. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround Ther...

9.8CVSS2.4AI score0.04622EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/06/15 12:0 a.m.41 views

PEAR Archive_Tar: Remote code execution vulnerability

Background This class provides handling of tar files in PHP. Description An issue was discovered in the PEAR module ArchiveTar’s handling of file paths within Tar achives. Impact A local or remote attacker could possibly execute arbitrary code with the privileges of the process. Workaround Avoid...

8.8CVSS8.5AI score0.19207EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2020/04/10 12:0 a.m.41 views

Chromium, Google Chrome: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Description Multiple vulnerabilities have been discovered in Chromium and...

8.8CVSS1.8AI score0.01977EPSS
Exploits9
Gentoo Linux
Gentoo Linux
added 2020/04/01 12:0 a.m.41 views

HAProxy: Remote execution of arbitrary code

Background HAProxy is a TCP/HTTP reverse proxy for high availability environments. Description It was discovered that HAProxy incorrectly handled certain HTTP/2 headers. Impact A remote attacker could send a specially crafted HTTP/2 header, possibly resulting in execution of arbitrary code with t...

9.8CVSS4.2AI score0.03955EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/03/26 12:0 a.m.41 views

libvpx: User-assisted execution of arbitrary code

Background libvpx is the VP8 codec SDK used to encode and decode video streams, typically within a WebM format media file. Description Multiple vulnerabilities have been discovered in libvpx. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a...

7.5CVSS4.9AI score0.05092EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/03/19 12:0 a.m.41 views

ClamAV: Multiple vulnerabilities

Background ClamAV is a GPL virus scanner. Description Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details. Impact A remote attacker could cause ClamAV to scan a specially crafted file, possibly resulting in a Denial of Service...

7.5CVSS3.7AI score0.03135EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2019/08/15 12:0 a.m.41 views

LibreOffice: Multiple vulnerabilities

Background LibreOffice is a powerful office suite; its clean interface and powerful tools let you unleash your creativity and grow your productivity. Description Multiple vulnerabilities have been discovered in LibreOffice. Please review the CVE identifiers referenced below for details. Impact...

9.8CVSS3.4AI score0.31215EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2018/02/19 12:0 a.m.41 views

Chromium, Google Chrome: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Description Multiple vulnerabilities have been discovered in Chromium and...

8.8CVSS8.5AI score0.08793EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/01/07 12:0 a.m.41 views

Back In Time: Command injection

Background A simple backup tool for Linux, inspired by “flyback project”. Description ‘Back in Time’ did improper escaping/quoting of file paths used as arguments to the ‘notify-send’ command leading to some parts of file paths being executed as shell commands within an os.system call. Impact A...

9.3CVSS7.9AI score0.01462EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/12/14 12:0 a.m.41 views

WebKitGTK+: Multiple vulnerabilities

Background WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Description Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the...

8.8CVSS9.2AI score0.06712EPSS
Exploits40
Gentoo Linux
Gentoo Linux
added 2017/11/19 12:0 a.m.41 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the referenced CVE identifiers and Adobe Security Bulletin for details...

10CVSS10AI score0.06518EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/11/11 12:0 a.m.41 views

LibXfont, LibXfont2: Multiple vulnerabilities

Background X.Org Xfont library Description Multiple vulnerabilities have been discovered in LibXfont and LibXfont2. Please review the referenced CVE identifiers for details. Impact Local attackers could obtain sensitive information or possibly cause a Denial of Service condition. Workaround There...

7.1CVSS7.4AI score0.00442EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/11/10 12:0 a.m.41 views

X.Org Server: Multiple vulnerabilities

Background The X.Org project provides an open source implementation of the X Window System. Description Multiple vulnerabilities have been discovered in X.Org Server. Please review the referenced CVE identifiers for details. Impact Attackers could execute arbitrary code or cause a Denial of Servi...

9.8CVSS10AI score0.0437EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/02/20 12:0 a.m.41 views

LibVNCServer/LibVNCClient: Multiple vulnerabilities

Background LibVNCServer/LibVNCClient are cross-platform C libraries that allow you to easily implement VNC server or client functionality in your program. Description Multiple vulnerabilities have been discovered in LibVNCServer and LibVNCClient. Please review the CVE identifiers referenced below...

9.8CVSS4.6AI score0.03748EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/02/20 12:0 a.m.41 views

TigerVNC: Buffer overflow

Background TigerVNC is a high-performance VNC server/client. Description A buffer overflow vulnerability in ModifiablePixelBuffer::fillRect in vncviewer was found. Impact A remote attacker, utilizing a malicious VNC server, could execute arbitrary code with the privileges of the user running the...

9.8CVSS9.8AI score0.04247EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/01/24 12:0 a.m.41 views

WebP: Multiple vulnerabilities

Background WebP is an image format employing both lossy and lossless compression. Description Multiple vulnerabilities have been discovered in WebP’s gif2webp tool. Please review the CVE identifier and bug reference for details. Impact A remote attacker, by enticing a user to process a specially...

3.3CVSS4.5AI score0.00425EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/01/01 12:0 a.m.41 views

w3m: Multiple vulnerabilities

Background w3m is a text based WWW browser. Description Multiple vulnerabilities have been discovered in w3m. Please review the CVE identifiers referenced below for details. Impact A remote attacker could execute arbitrary code with the privileges of the process or cause a Denial of Service...

8.8CVSS3.6AI score0.03784EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/12/11 12:0 a.m.41 views

libmms: Remote execution of arbitrary code

Background libmms is a library for downloading streaming media files using the mmst and mmsh protocols. Description A heap-based buffer overflow was discovered in the getanswer function within mmsh.c of libmms. Impact A remote attacker might send a specially crafted MMS over HTTP MMSH response,...

7.5CVSS7.4AI score0.06147EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2016/10/11 12:0 a.m.41 views

MySQL and MariaDB: Multiple vulnerabilities

Background MySQL is a popular multi-threaded, multi-user SQL server. MariaDB is an enhanced, drop-in replacement for MySQL. Description Multiple vulnerabilities have been discovered in MySQL and MariaDB. Please review the CVE identifiers referenced below for details. Impact A remote attacker coul...

6.5CVSS7.1AI score0.06964EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/07/20 12:0 a.m.41 views

Exim: Arbitrary code execution

Background Exim is a message transfer agent MTA designed to be a a highly configurable, drop-in replacement for sendmail. Description Vulnerabilities have been discovered in Exim’s implementation of set-uid root and when using ‘perlstartup’. These vulnerabilities require a user account on the Exi...

4.6CVSS7.9AI score0.00487EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/02/15 12:0 a.m.42 views

GNU cpio: Multiple vulnerabilities

Background GNU cpio copies files into or out of a cpio or tar archive. Description Two vulnerabilities have been discovered in GNU cpio: The listfile function in GNU cpio contains a heap-based buffer overflow vulnerability CVE-2014-9112 A directory traversal vulnerability has been found in GNU cp...

5CVSS7.6AI score0.07093EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2014/12/28 12:0 a.m.41 views

Asterisk: Multiple vulnerabilities

Background Asterisk is an open source telephony engine and toolkit. Description Multiple unspecified vulnerabilities have been discovered in Asterisk. Please review the CVE identifiers referenced below for details. Impact Unauthenticated remote attackers can cause Denial of Service or bypass...

9CVSS7.1AI score0.09525EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/12/28 12:0 a.m.41 views

Wireshark: Multiple vulnerabilities

Background Wireshark is a network protocol analyzer formerly known as ethereal. Description Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact A remote attacker can cause a Denial of Service condition via specially...

5CVSS6.9AI score0.03409EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/12/26 12:0 a.m.41 views

LittleCMS: Denial of service

Background LittleCMS, or short lcms, is a color management system for working with ICC profiles. It is used by many applications including GIMP and Firefox. Description Multiple stack-based buffer overflows and a profile parser error have been found in LittleCMS. Impact A remote attacker could...

4.3CVSS7.1AI score0.04097EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/12/09 12:0 a.m.41 views

Clam AntiVirus: Denial of service

Background Clam AntiVirus is an open source GPL anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. Description A heap-based buffer overflow exists in the cliscanpe function in libclamav/pe.c in ClamAV. Impact A remote attacker could possibly cause a Denial of...

5CVSS6.7AI score0.04878EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/11/27 12:0 a.m.41 views

Squid: Multiple vulnerabilities

Background Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Description An assertion failure in processing of SSL-Bump has been found in Squid. Heap based overflow is discovered when processing SNMP requests. Impact A remote attacker could send a specially crafted...

6.4CVSS7.1AI score0.76064EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/06/30 12:0 a.m.41 views

OpenLDAP: Multiple vulnerabilities

Background OpenLDAP is an LDAP suite of application and development tools. Description Multiple vulnerabilities have been discovered in OpenLDAP. Please review the CVE identifiers referenced below for details. Impact A remote attacker might employ a specially crafted certificate to conduct...

9.8CVSS9.2AI score0.29238EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2014/05/17 12:0 a.m.41 views

Pango: Multiple vulnerabilities

Background Pango is an internationalized text layout and rendering library Description Multiple vulnerabilities have been discovered in Pango. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker could entice a user to load specially crafted text usi...

10CVSS7.5AI score0.18944EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2014/05/03 12:0 a.m.41 views

Asterisk: Denial of service

Background Asterisk is an open source telephony engine and toolkit. Description Multiple vulnerabilities have been discovered in Asterisk. Please review the CVE identifiers and Asterisk Project Security Advisories referenced below for details. Impact A remote attacker could possibly cause a Denia...

7.5CVSS7.8AI score0.1639EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2012/09/25 12:0 a.m.41 views

Opera: Multiple vulnerabilities

Background Opera is a fast web browser that is available free of charge. Description Multiple vulnerabilities have been discovered in Opera. Please review the CVE identifiers and Opera Release Notes referenced below for details. Impact A remote attacker could entice a user to open a specially...

10CVSS6.7AI score0.02185EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2012/06/25 12:0 a.m.41 views

Postfix: Multiple vulnerabilities

Background Postfix is Wietse Venema’s mailer that attempts to be fast, easy to administer, and secure, as an alternative to the widely-used Sendmail program. Description A vulnerability have been discovered in Postfix. Please review the CVE identifier referenced below for details. Impact An...

6.8CVSS9.9AI score0.21646EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2012/06/22 12:0 a.m.41 views

virtualenv: Insecure temporary file usage

Background virtualenv is a virtual Python environment builder. Description The virtualenv.py script in virtualenv does not handle temporary files securely. Impact A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application...

1.2CVSS6.2AI score0.00324EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2012/03/16 12:0 a.m.41 views

HPLIP: Multiple vulnerabilities

Background The Hewlett-Packard Linux Imaging and Printing system HPLIP provides drivers for HP's inkjet and laser printers, scanners and fax machines. Description Two vulnerabilities have been found in HPLIP: The "hpmudgetpml" function in pml.c contains a boundary error which could cause a...

7.5CVSS9AI score0.10806EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2012/03/06 12:0 a.m.41 views

Rack: Denial of service

Background Rack is a modular Ruby web server interface. Description Rack does not properly randomize hash functions to protect against hash collision attacks. Impact A remote attacker could send a specially crafted form post, possibly resulting in a Denial of Service condition. Workaround There i...

5CVSS6.3AI score0.04016EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2012/01/23 12:0 a.m.41 views

JasPer: User-assisted execution of arbitrary code

Background The JasPer Project is an open-source initiative to provide a free software-based reference implementation of the codec specified in the JPEG-2000 Part-1 jpeg2k standard. Description Two vulnerabilities have been found in JasPer: The jpccoxgetcompparms function in libjasper/jpc/jpccs.c...

6.8CVSS6.9AI score0.10618EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2011/11/20 12:0 a.m.41 views

Evince: Multiple vulnerabilities

Background Evince is a document viewer for multiple document formats, including PostScript. Description Multiple vulnerabilities have been discovered in Evince. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to load a DVI file with a...

7.6CVSS8.4AI score0.1427EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2011/10/13 12:0 a.m.41 views

feh: Multiple vulnerabilities

Background feh is a fast, lightweight imageviewer using imlib2. Description Multiple vulnerabilities have been discovered in feh. Please review the CVE identifiers referenced below for details. Impact A malicious entity might entice a user to visit a URL using the --wget-timestamp option, thus...

5.1CVSS6.9AI score0.06623EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2011/01/16 12:0 a.m.42 views

IO::Socket::SSL: Certificate validation error

Background IO::Socket::SSL is a Perl class implementing an object oriented interface to SSL sockets. Description The vendor reported that IO::Socket::SSL does not properly handle Common Name CN fields. Impact A remote attacker might employ a specially crafted certificate to conduct...

4.3CVSS6.2AI score0.00996EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2011/01/16 12:0 a.m.41 views

OpenAFS: Arbitrary code execution

Background OpenAFS is a distributed file system. Description Two vulnerabilities were discovered: Simon Wilkinson discovered from a bug report by Toby Blake that the cache manager of OpenAFS contains a heap-based buffer overflow which is related to the use of the ERRPTR macro CVE-2009-1250. A...

10CVSS8AI score0.06438EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2010/06/03 12:0 a.m.41 views

GD: User-assisted execution of arbitrary code

Background GD is a graphic library for fast image creation. Description Tomas Hoger reported that the gdGetColors function in gdgd.c does not properly verify the colorsTotal struct member, possibly leading to a buffer overflow. Impact A remote attacker could entice a user to open a specially...

9.3CVSS7.6AI score0.1021EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2010/01/03 12:0 a.m.41 views

NTP: Denial of service

Background NTP is a set of the Network Time Protocol programs. Description Robin Park and Dmitri Vinokurov discovered that ntprequest.c in ntpd does not handle MODEPRIVATE packets correctly, causing a continuous exchange of MODEPRIVATE error responses between two NTP daemons or causing high CPU...

6.4CVSS6.9AI score0.32288EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2009/09/20 12:0 a.m.41 views

Dnsmasq: Multiple vulnerabilities

Background Dnsmasq is a lightweight, easy to configure DNS forwarder and DHCP server. It includes support for Trivial FTP TFTP. Description Multiple vulnerabilities have been reported in the TFTP functionality included in Dnsmasq: Pablo Jorge and Alberto Solino discovered a heap-based buffer...

6.8CVSS7.9AI score0.12684EPSS
Exploits8
Gentoo Linux
Gentoo Linux
added 2009/09/13 12:0 a.m.41 views

Wireshark: Denial of service

Background Wireshark is a versatile network protocol analyzer. Description Multiple vulnerabilities were discovered in Wireshark: A buffer overflow in the IPMI dissector related to an array index error CVE-2009-2559. Multiple unspecified vulnerabilities in the Bluetooth L2CAP, RADIUS, and MIOP...

7.1CVSS7.4AI score0.02928EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2009/08/07 12:0 a.m.41 views

libTIFF: User-assisted execution of arbitrary code

Background libTIFF provides support for reading and manipulating TIFF Tagged Image File Format images. Description Two vulnerabilities have been reported in libTIFF: wololo reported a buffer underflow in the LZWDecodeCompat function CVE-2009-2285. Tielei Wang of ICST-ERCIS, Peking University...

9.3CVSS8.7AI score0.07996EPSS
Exploits2
Total number of security vulnerabilities3816