Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2004/05/28 12:0 a.m.41 views

MPlayer, xine-lib: vulnerabilities in RTSP stream handling

Background MPlayer is a movie player capable of handling multiple multimedia file formats. xine-lib is a multimedia player library used by several graphical user interfaces, including xine-ui. They both use the same code to handle Real-Time Streaming Protocol RTSP streams from RealNetworks server...

10CVSS7.6AI score0.05116EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/04/07 12:0 a.m.41 views

Util-linux login may leak sensitive data

Background Util-linux is a suite of essential system utilites, including login, agetty, fdisk. Description In some situations the login program could leak sensitive data due to an incorrect usage of a reallocated pointer. NOTE: Only users who have PAM support disabled on their systems i.e. -PAM i...

5CVSS6.2AI score0.03332EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2003/12/12 12:0 a.m.41 views

GnuPG: ElGamal signing keys compromised and format string vulnerability

Background GnuPG is a popular open source signing and encryption tool. Description Two flaws have been found in GnuPG 1.2.3. First, ElGamal signing keys can be compromised. These keys are not commonly used, but this is "a significant security failure which can lead to a compromise of almost all...

5CVSS7.1AI score0.02854EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2024/05/08 12:0 a.m.40 views

ytnef: Multiple Vulnerabilities

Background ytnef is a TNEF stream reader for reading winmail.dat files. Description The TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service and potentially code execution due to a double free which can be triggered via a crafted file. The SwapWord...

7.8CVSS7.5AI score0.0193EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2024/05/04 12:0 a.m.40 views

Dalli: Code Injection

Background Dalli is a high performance pure Ruby client for accessing memcached servers. Description A vulnerability was found in Dalli. Affected is the function self.metaset of the file lib/dalli/protocol/meta/requestformatter.rb of the component Meta Protocol Handler. The manipulation leads to...

6.3CVSS7.2AI score0.01284EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2024/02/18 12:0 a.m.41 views

CUPS: Multiple Vulnerabilities

Background CUPS, the Common Unix Printing System, is a full-featured print server. Description Multiple vulnerabilities have been discovered in CUPS. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There i...

7.5CVSS7.6AI score0.01473EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2024/02/04 12:0 a.m.40 views

OpenSSL: Multiple Vulnerabilities

Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 as well as a general purpose cryptography library. Description Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced...

7.5CVSS7.7AI score0.73461EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/01/14 12:0 a.m.40 views

libgit2: Privilege Escalation Vulnerability

Background libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API. Description A vulnerability has been discovered in libgit2. Please review the CVE identifier referenced below for details. Impact Usages of a malicious craft...

7.8CVSS7.3AI score0.00445EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2023/12/28 12:0 a.m.40 views

libssh: Multiple Vulnerabilities

Background libssh is a multiplatform C library implementing the SSHv2 protocol on client and server side. Description Multiple vulnerabilities have been discovered in libssh. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

5.9CVSS7.6AI score0.93305EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2023/11/25 12:0 a.m.40 views

multipath-tools: Multiple Vulnerabilities

Background multipath-tools are used to drive the Device Mapper multipathing driver. Description Multiple vulnerabilities have been discovered in multipath-tools. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

7.8CVSS7.7AI score0.00658EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2023/10/04 12:0 a.m.40 views

glibc: Multiple vulnerabilities

Background glibc is a package that contains the GNU C library. Description Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details. Impact An attacker could elevate privileges from a local user to root. Workaround There is no known...

7.8CVSS7.1AI score0.81422EPSS
Exploits31
Gentoo Linux
Gentoo Linux
added 2022/08/31 12:0 a.m.40 views

Oracle VirtualBox: Multiple Vulnerabilities

Background VirtualBox is a powerful virtualization product from Oracle. Description Multiple vulnerabilities have been discovered in VirtualBox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

8.4CVSS3.6AI score0.0331EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2022/08/14 12:0 a.m.40 views

libebml: Heap buffer overflow vulnerability

Background libebml is a C++ library to parse EBML files. Description On 32bit builds of libebml, the length of a string is miscalculated, potentially leading to an exploitable heap overflow. Impact An attacker able to provide arbitrary input to libebml could achieve arbitrary code execution...

6.5CVSS3.4AI score0.01737EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2022/08/14 12:0 a.m.40 views

Puma: Multiple Vulnerabilities

Background Puma is a simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack. Description Multiple vulnerabilities have been discovered in Puma. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

9.1CVSS1.3AI score0.0214EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/07/26 12:0 a.m.40 views

Mozilla Firefox: Multiple vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla Project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

9.3CVSS3.2AI score0.03034EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2020/06/15 12:0 a.m.40 views

OpenConnect: Multiple vulnerabilities

Background OpenConnect is a free client for Cisco AnyConnect SSL VPN software. Description Multiple vulnerabilities have been discovered in OpenConnect. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround Ther...

9.8CVSS2.4AI score0.04622EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/06/15 12:0 a.m.40 views

PEAR Archive_Tar: Remote code execution vulnerability

Background This class provides handling of tar files in PHP. Description An issue was discovered in the PEAR module ArchiveTar’s handling of file paths within Tar achives. Impact A local or remote attacker could possibly execute arbitrary code with the privileges of the process. Workaround Avoid...

8.8CVSS8.5AI score0.19207EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2020/06/13 12:0 a.m.40 views

GNU Readline: Multiple vulnerabilities

Background The GNU Readline library provides a set of functions for use by applications that allow users to edit command lines as they are typed in. Description Multiple vulnerabilities have been discovered in GNU Readline. Please review the CVE identifiers referenced below for details. Impact...

3.1AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/04/10 12:0 a.m.40 views

Chromium, Google Chrome: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Description Multiple vulnerabilities have been discovered in Chromium and...

8.8CVSS1.8AI score0.01977EPSS
Exploits9
Gentoo Linux
Gentoo Linux
added 2020/04/01 12:0 a.m.40 views

HAProxy: Remote execution of arbitrary code

Background HAProxy is a TCP/HTTP reverse proxy for high availability environments. Description It was discovered that HAProxy incorrectly handled certain HTTP/2 headers. Impact A remote attacker could send a specially crafted HTTP/2 header, possibly resulting in execution of arbitrary code with t...

9.8CVSS4.2AI score0.03955EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/03/26 12:0 a.m.40 views

libvpx: User-assisted execution of arbitrary code

Background libvpx is the VP8 codec SDK used to encode and decode video streams, typically within a WebM format media file. Description Multiple vulnerabilities have been discovered in libvpx. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a...

7.5CVSS4.9AI score0.05092EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/03/19 12:0 a.m.40 views

ClamAV: Multiple vulnerabilities

Background ClamAV is a GPL virus scanner. Description Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details. Impact A remote attacker could cause ClamAV to scan a specially crafted file, possibly resulting in a Denial of Service...

7.5CVSS3.7AI score0.03135EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2019/04/17 12:0 a.m.40 views

Patch: Multiple vulnerabilities

Background Patch takes a patch file containing a difference listing produced by the diff program and applies those differences to one or more original files, producing patched versions. Description Multiple vulnerabilities have been discovered in Patch. Please review the CVE identifiers reference...

7.8CVSS2.7AI score0.08585EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/03/07 12:0 a.m.40 views

util-linux: User-assisted execution of arbitrary code

Background util-linux is a suite of Linux programs including mount and umount, programs used to mount and unmount filesystems. Description It was discovered that the umount bash-completion as provided by util-linux does not escap mount point paths. Impact An attacker controlling a volume label...

7.8CVSS8.2AI score0.00457EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/02/19 12:0 a.m.40 views

Chromium, Google Chrome: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Description Multiple vulnerabilities have been discovered in Chromium and...

8.8CVSS8.5AI score0.08793EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/11/19 12:0 a.m.40 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the referenced CVE identifiers and Adobe Security Bulletin for details...

10CVSS10AI score0.06518EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/11/11 12:0 a.m.40 views

LibXfont, LibXfont2: Multiple vulnerabilities

Background X.Org Xfont library Description Multiple vulnerabilities have been discovered in LibXfont and LibXfont2. Please review the referenced CVE identifiers for details. Impact Local attackers could obtain sensitive information or possibly cause a Denial of Service condition. Workaround There...

7.1CVSS7.4AI score0.00442EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/09/26 12:0 a.m.40 views

libTIFF: Multiple vulnerabilities

Background The TIFF library contains encoding and decoding routines for the Tag Image File Format. It is called by numerous programs, including GNOME and KDE applications, to interpret TIFF images. Description Multiple vulnerabilities have been discovered in LibTIFF. Please review the referenced...

9.8CVSS8.7AI score0.04427EPSS
Exploits8
Gentoo Linux
Gentoo Linux
added 2017/02/20 12:0 a.m.40 views

LibVNCServer/LibVNCClient: Multiple vulnerabilities

Background LibVNCServer/LibVNCClient are cross-platform C libraries that allow you to easily implement VNC server or client functionality in your program. Description Multiple vulnerabilities have been discovered in LibVNCServer and LibVNCClient. Please review the CVE identifiers referenced below...

9.8CVSS4.6AI score0.03748EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/02/20 12:0 a.m.40 views

TigerVNC: Buffer overflow

Background TigerVNC is a high-performance VNC server/client. Description A buffer overflow vulnerability in ModifiablePixelBuffer::fillRect in vncviewer was found. Impact A remote attacker, utilizing a malicious VNC server, could execute arbitrary code with the privileges of the user running the...

9.8CVSS9.8AI score0.04247EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/01/24 12:0 a.m.40 views

WebP: Multiple vulnerabilities

Background WebP is an image format employing both lossy and lossless compression. Description Multiple vulnerabilities have been discovered in WebP’s gif2webp tool. Please review the CVE identifier and bug reference for details. Impact A remote attacker, by enticing a user to process a specially...

3.3CVSS4.5AI score0.00425EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/01/19 12:0 a.m.40 views

CVS: Heap-based overflow

Background CVS Concurrent Versions System is an open-source network-transparent version control system. It contains both a client utility and a server. Description A heap-based buffer overflow was discovered in the proxyconnect function in src/client.c in CVS. Impact An attacker, utilizing a remo...

10CVSS7.7AI score0.08396EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/01/01 12:0 a.m.40 views

w3m: Multiple vulnerabilities

Background w3m is a text based WWW browser. Description Multiple vulnerabilities have been discovered in w3m. Please review the CVE identifiers referenced below for details. Impact A remote attacker could execute arbitrary code with the privileges of the process or cause a Denial of Service...

8.8CVSS3.6AI score0.03784EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/12/13 12:0 a.m.40 views

Bash: Arbitrary code execution

Background Bash is the standard GNU Bourne Again SHell. Description A vulnerability was found in the way Bash expands $HOSTNAME. Injecting malicious code into $HOSTNAME could cause it to run each time Bash expands \h in the prompt string. Impact A remote attacker controlling the system’s hostname...

7.5CVSS7.4AI score0.06019EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/12/08 12:0 a.m.40 views

Coreutils: Arbitrary code execution

Background The GNU Core Utilities are the basic file, shell and text manipulation utilities of the GNU operating system. Description A memory corruption flaw in GNU Coreutils’ parsedatetime function was reported. Applications using parsedatetime, such as touch or date, may accepted untrusted inpu...

7.5CVSS7.1AI score0.07087EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2016/10/11 12:0 a.m.40 views

MySQL and MariaDB: Multiple vulnerabilities

Background MySQL is a popular multi-threaded, multi-user SQL server. MariaDB is an enhanced, drop-in replacement for MySQL. Description Multiple vulnerabilities have been discovered in MySQL and MariaDB. Please review the CVE identifiers referenced below for details. Impact A remote attacker coul...

6.5CVSS7.1AI score0.06964EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/07/16 12:0 a.m.40 views

Cacti: Multiple vulnerabilities

Background Cacti is a complete frontend to rrdtool. Description Multiple vulnerabilities have been discovered in Cacti. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, or remote...

8.8CVSS9.5AI score0.10773EPSS
Exploits11
Gentoo Linux
Gentoo Linux
added 2016/04/26 12:0 a.m.40 views

Wireshark: Multiple vulnerabilities

Background Wireshark is a network protocol analyzer formerly known as ethereal. Description Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact Remote attackers could cause Denial of Service and local attackers could...

7.8CVSS6.7AI score0.07142EPSS
Exploits15
Gentoo Linux
Gentoo Linux
added 2016/03/12 12:0 a.m.40 views

Libreswan: Multiple Vulnerabilities

Background Libreswan is a free software implementation of the most widely supported and standarized VPN protocol based on “IPsec” and the Internet Key Exchange “IKE”. Description The pluto IKE daemon in Libreswan, when built with NSS, allows remote attackers to cause a Denial of Service assertion...

5CVSS7.6AI score0.02765EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/03/09 12:0 a.m.40 views

Roundcube: Multiple Vulnerabilities

Background Free and open source webmail software for the masses, written in PHP. Description Remote authenticated users with certain permissions can read arbitrary files or possibly execute arbitrary code via .. in the skin parameter to index.php. Additionally, a cross-site scripting XSS...

7.5CVSS7.3AI score0.22212EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2016/01/26 12:0 a.m.40 views

WebKitGTK+: Multiple vulnerabilities

Background WebKitGTK+ is a full-featured port of the WebKit rendering engine. Description Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE identifiers referenced below for details. Impact A remote attack can use multiple vectors to execute arbitrary code or cause...

6.8CVSS8.8AI score0.02762EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/10/31 12:0 a.m.40 views

tcpdump: Multiple vulnerabilities

Background tcpdump is a Tool for network monitoring and data acquisition. Description Multiple vulnerabilities have been discovered in tcpdump. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the...

7.5CVSS10.1AI score0.19028EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2015/08/15 12:0 a.m.40 views

libgadu: Multiple vulnerabilities

Background libgadu is a library that implements the client side of the Gadu-Gadu protocol. Description libgadu contains multiple vulnerabilities: X.509 certificates are not properly validated CVE-2013-4488 A integer overflow error could lead to a buffer overflow CVE-2013-6487 Malformed responses...

7.5CVSS7.2AI score0.08174EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/07/10 12:0 a.m.40 views

MySQL: Multiple vulnerabilities

Background MySQL is a fast, multi-threaded, multi-user SQL database server. Description Multiple vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. Impact A remote attacker could send a specially crafted request, possibly resulting in...

5.7CVSS7.8AI score0.09984EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/02/15 12:0 a.m.41 views

GNU cpio: Multiple vulnerabilities

Background GNU cpio copies files into or out of a cpio or tar archive. Description Two vulnerabilities have been discovered in GNU cpio: The listfile function in GNU cpio contains a heap-based buffer overflow vulnerability CVE-2014-9112 A directory traversal vulnerability has been found in GNU cp...

5CVSS7.6AI score0.07093EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2014/08/29 12:0 a.m.40 views

stunnel: Information disclosure

Background The stunnel program is designed to work as an SSL encryption wrapper between a client and a local or remote server. Description stunnel does not properly update the state of the pseudo-random generator after fork-threading which causes subsequent children with the same process ID to us...

4.3CVSS7.3AI score0.02155EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/01/21 12:0 a.m.40 views

Poppler: Multiple vulnerabilities

Background Poppler is a cross-platform PDF rendering library originally based on Xpdf. Description Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted PDF...

7.5CVSS8.3AI score0.10483EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/01/10 12:0 a.m.40 views

libxslt: Denial of service

Background libxslt is the XSLT C library developed for the GNOME project. XSLT is an XML language to define transformations for XML. Description Multiple vulnerabilities have been found in libxslt: Multiple errors exist in pattern.c and functions.c CVE-2012-2870, CVE-2012-6139. A double-free erro...

6.8CVSS8.8AI score0.04286EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2013/09/25 12:0 a.m.40 views

Monkey HTTP Daemon: Multiple vulnerabilities

Background Monkey HTTP Daemon is a lightweight and powerful web server for GNU/Linux. Description Multiple vulnerabilities have been discovered in Monkey HTTP Daemon. Please review the CVE identifiers referenced below for details. Impact A remote attacker could send a specially crafted request,...

6.8CVSS7.5AI score0.20179EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2013/01/09 12:0 a.m.40 views

ISC DHCP: Denial of service

Background ISC DHCP is a Dynamic Host Configuration Protocol DHCP client/server. Description Multiple vulnerabilities have been discovered in ISC DHCP. Please review the CVE identifiers referenced below for details. Impact The vulnerabilities might allow remote attackers to execute arbitrary code...

7.8CVSS8AI score0.84292EPSS
Exploits7
Total number of security vulnerabilities3816