Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2023/11/25 12:0 a.m.40 views

multipath-tools: Multiple Vulnerabilities

Background multipath-tools are used to drive the Device Mapper multipathing driver. Description Multiple vulnerabilities have been discovered in multipath-tools. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

7.8CVSS7.7AI score0.00658EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2023/10/04 12:0 a.m.40 views

glibc: Multiple vulnerabilities

Background glibc is a package that contains the GNU C library. Description Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details. Impact An attacker could elevate privileges from a local user to root. Workaround There is no known...

7.8CVSS7.1AI score0.81422EPSS
Exploits31
Gentoo Linux
Gentoo Linux
added 2023/09/30 12:0 a.m.40 views

wpa_supplicant, hostapd: Multiple Vulnerabilities

Background wpasupplicant is a WPA Supplicant with support for WPA and WPA2 IEEE 802.11i / RSN. hostapd is a user space daemon for access point and authentication servers. Description Multiple vulnerabilities have been discovered in hostapd and wpasupplicant. Please review the CVE identifiers...

9.8CVSS7.6AI score0.02944EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2022/08/31 12:0 a.m.40 views

Oracle VirtualBox: Multiple Vulnerabilities

Background VirtualBox is a powerful virtualization product from Oracle. Description Multiple vulnerabilities have been discovered in VirtualBox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

8.4CVSS3.6AI score0.0331EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2022/08/14 12:0 a.m.40 views

libebml: Heap buffer overflow vulnerability

Background libebml is a C++ library to parse EBML files. Description On 32bit builds of libebml, the length of a string is miscalculated, potentially leading to an exploitable heap overflow. Impact An attacker able to provide arbitrary input to libebml could achieve arbitrary code execution...

6.5CVSS3.4AI score0.01737EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2022/08/14 12:0 a.m.40 views

Puma: Multiple Vulnerabilities

Background Puma is a simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack. Description Multiple vulnerabilities have been discovered in Puma. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

9.1CVSS1.3AI score0.0214EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/07/26 12:0 a.m.40 views

NTP: Multiple vulnerabilities

Background NTP contains software for the Network Time Protocol. Description Multiple vulnerabilities have been discovered in NTP. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaroun...

7.5CVSS2.5AI score0.04071EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/06/15 12:0 a.m.40 views

PCRE2: Denial of service

Background PCRE2 is a project based on PCRE Perl Compatible Regular Expressions which has a new and revised API. Description PCRE2 has a flaw when handling JIT-compiled regex using the \X pattern. Impact An attacker could cause a possible Denial of Service condition. Workaround There is no known...

7.5CVSS2.5AI score0.01561EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/06/13 12:0 a.m.40 views

GNU Readline: Multiple vulnerabilities

Background The GNU Readline library provides a set of functions for use by applications that allow users to edit command lines as they are typed in. Description Multiple vulnerabilities have been discovered in GNU Readline. Please review the CVE identifiers referenced below for details. Impact...

3.1AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/06/10 12:0 a.m.40 views

Chromium, Google Chrome: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Description Multiple vulnerabilities have been discovered in Chromium and...

9.6CVSS1.9AI score0.06414EPSS
Exploits13
Gentoo Linux
Gentoo Linux
added 2020/05/14 12:0 a.m.40 views

Xen: Multiple vulnerabilities

Background Xen is a bare-metal hypervisor. Description Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...

8.8CVSS3.3AI score0.00527EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/05/12 12:0 a.m.40 views

Squid: Multiple vulnerabilities

Background Squid is a full-featured Web proxy cache designed to run on Unix systems. It supports proxying and caching of HTTP, FTP, and other URLs, as well as SSL support, cache hierarchies, transparent caching, access control lists and many other features. Description Multiple vulnerabilities ha...

9.8CVSS0.4AI score0.27246EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/08/15 12:0 a.m.40 views

polkit: Multiple vulnerabilities

Background polkit is a toolkit for managing policies relating to unprivileged processes communicating with privileged processes. Description Multiple vulnerabilities have been discovered in polkit. Please review the CVE identifiers referenced below for details. Impact Please review the referenced...

9CVSS3.4AI score0.11483EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2019/04/17 12:0 a.m.40 views

Patch: Multiple vulnerabilities

Background Patch takes a patch file containing a difference listing produced by the diff program and applies those differences to one or more original files, producing patched versions. Description Multiple vulnerabilities have been discovered in Patch. Please review the CVE identifiers reference...

7.8CVSS2.7AI score0.08585EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/03/07 12:0 a.m.40 views

util-linux: User-assisted execution of arbitrary code

Background util-linux is a suite of Linux programs including mount and umount, programs used to mount and unmount filesystems. Description It was discovered that the umount bash-completion as provided by util-linux does not escap mount point paths. Impact An attacker controlling a volume label...

7.8CVSS8.2AI score0.00457EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/09/26 12:0 a.m.40 views

libTIFF: Multiple vulnerabilities

Background The TIFF library contains encoding and decoding routines for the Tag Image File Format. It is called by numerous programs, including GNOME and KDE applications, to interpret TIFF images. Description Multiple vulnerabilities have been discovered in LibTIFF. Please review the referenced...

9.8CVSS8.7AI score0.04427EPSS
Exploits8
Gentoo Linux
Gentoo Linux
added 2017/06/20 12:0 a.m.40 views

GNU Wget: Header injection

Background GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the most widely-used Internet protocols. Description It was discovered that there was a header injection vulnerability in GNU Wget which allowed remote attackers to inject arbitrary HTTP headers via CRL...

6.1CVSS7.2AI score0.03086EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2017/01/01 12:0 a.m.40 views

Open vSwitch: Remote execution of arbitrary code

Background Open vSwitch is a production quality multilayer virtual switch. Description A buffer overflow was discovered in lib/flow.c in ovs-vswitchd. Impact A remote attacker, using a specially crafted MPLS packet, could execute arbitrary code. Workaround There is no known workaround at this tim...

9.8CVSS5.9AI score0.06279EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/12/13 12:0 a.m.40 views

SQUASHFS: Multiple vulnerabilities

Background Squashfs is a compressed read-only filesystem for Linux. Squashfs is intended for general read-only filesystem use, for archival use i.e. in cases where a .tar.gz file may be used, and in constrained block device/memory systems e.g. embedded systems where low overhead is needed...

6.8CVSS7.3AI score0.04047EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/10/29 12:0 a.m.40 views

GNU Wget: Multiple vulnerabilities

Background GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the most widely-used Internet protocols. Description Multiple vulnerabilities have been discovered in Wget. Please review the CVE identifier and bug reports referenced for details. Impact A remote...

8.8CVSS1AI score0.45935EPSS
Exploits8
Gentoo Linux
Gentoo Linux
added 2016/10/11 12:0 a.m.40 views

MySQL and MariaDB: Multiple vulnerabilities

Background MySQL is a popular multi-threaded, multi-user SQL server. MariaDB is an enhanced, drop-in replacement for MySQL. Description Multiple vulnerabilities have been discovered in MySQL and MariaDB. Please review the CVE identifiers referenced below for details. Impact A remote attacker coul...

6.5CVSS7.1AI score0.06964EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/07/16 12:0 a.m.40 views

Cacti: Multiple vulnerabilities

Background Cacti is a complete frontend to rrdtool. Description Multiple vulnerabilities have been discovered in Cacti. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, or remote...

8.8CVSS9.5AI score0.10773EPSS
Exploits11
Gentoo Linux
Gentoo Linux
added 2016/04/26 12:0 a.m.40 views

Wireshark: Multiple vulnerabilities

Background Wireshark is a network protocol analyzer formerly known as ethereal. Description Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact Remote attackers could cause Denial of Service and local attackers could...

7.8CVSS6.7AI score0.07142EPSS
Exploits15
Gentoo Linux
Gentoo Linux
added 2016/03/12 12:0 a.m.40 views

Libreswan: Multiple Vulnerabilities

Background Libreswan is a free software implementation of the most widely supported and standarized VPN protocol based on “IPsec” and the Internet Key Exchange “IKE”. Description The pluto IKE daemon in Libreswan, when built with NSS, allows remote attackers to cause a Denial of Service assertion...

5CVSS7.6AI score0.02765EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/03/09 12:0 a.m.40 views

Roundcube: Multiple Vulnerabilities

Background Free and open source webmail software for the masses, written in PHP. Description Remote authenticated users with certain permissions can read arbitrary files or possibly execute arbitrary code via .. in the skin parameter to index.php. Additionally, a cross-site scripting XSS...

7.5CVSS7.3AI score0.22212EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2016/01/26 12:0 a.m.40 views

WebKitGTK+: Multiple vulnerabilities

Background WebKitGTK+ is a full-featured port of the WebKit rendering engine. Description Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE identifiers referenced below for details. Impact A remote attack can use multiple vectors to execute arbitrary code or cause...

6.8CVSS8.8AI score0.02762EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/08/15 12:0 a.m.40 views

libgadu: Multiple vulnerabilities

Background libgadu is a library that implements the client side of the Gadu-Gadu protocol. Description libgadu contains multiple vulnerabilities: X.509 certificates are not properly validated CVE-2013-4488 A integer overflow error could lead to a buffer overflow CVE-2013-6487 Malformed responses...

7.5CVSS7.2AI score0.08174EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/12/31 12:0 a.m.40 views

MIT Kerberos 5: User-assisted execution of arbitrary code

Background MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. Description Multiple vulnerabilities have been discovered in MIT Kerberos 5. Please review the CVE identifiers referenced below for details. Impact A remote attacker could execute arbitrary code wit...

8.5CVSS8.2AI score0.08085EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/12/22 12:0 a.m.40 views

PowerDNS Recursor: Multiple vulnerabilities

Background PowerDNS Recursor is a high-end, high-performance resolving name server Description Multiple vulnerabilities have been discovered in PowerDNS Recursor. Please review the CVE identifiers and PowerDNS blog post referenced below for details. Impact A remote attacker may be able to send...

10CVSS7.6AI score0.73532EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/08/29 12:0 a.m.40 views

stunnel: Information disclosure

Background The stunnel program is designed to work as an SSL encryption wrapper between a client and a local or remote server. Description stunnel does not properly update the state of the pseudo-random generator after fork-threading which causes subsequent children with the same process ID to us...

4.3CVSS7.3AI score0.02155EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/05/17 12:0 a.m.40 views

Pango: Multiple vulnerabilities

Background Pango is an internationalized text layout and rendering library Description Multiple vulnerabilities have been discovered in Pango. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker could entice a user to load specially crafted text usi...

10CVSS7.5AI score0.18944EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2014/02/21 12:0 a.m.40 views

libTIFF: Multiple vulnerabilities

Background libTIFF provides support for reading and manipulating TIFF Tagged Image File Format images. Description Multiple vulnerabilities have been discovered in libTIFF. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a...

9.3CVSS9.9AI score0.13521EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/01/21 12:0 a.m.40 views

Poppler: Multiple vulnerabilities

Background Poppler is a cross-platform PDF rendering library originally based on Xpdf. Description Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted PDF...

7.5CVSS8.3AI score0.10483EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/01/10 12:0 a.m.40 views

libxslt: Denial of service

Background libxslt is the XSLT C library developed for the GNOME project. XSLT is an XML language to define transformations for XML. Description Multiple vulnerabilities have been found in libxslt: Multiple errors exist in pattern.c and functions.c CVE-2012-2870, CVE-2012-6139. A double-free erro...

6.8CVSS8.8AI score0.04286EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2013/09/25 12:0 a.m.40 views

Monkey HTTP Daemon: Multiple vulnerabilities

Background Monkey HTTP Daemon is a lightweight and powerful web server for GNU/Linux. Description Multiple vulnerabilities have been discovered in Monkey HTTP Daemon. Please review the CVE identifiers referenced below for details. Impact A remote attacker could send a specially crafted request,...

6.8CVSS7.5AI score0.20179EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2013/01/08 12:0 a.m.40 views

Tor: Multiple vulnerabilities

Background Tor is an implementation of second generation Onion Routing, a connection-oriented anonymizing communication service. Description Multiple vulnerabilities have been discovered in Tor. Please review the CVE identifiers referenced below for details. Impact A remote attacker could cause a...

5CVSS6.7AI score0.03146EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2012/09/26 12:0 a.m.40 views

SQLAlchemy: SQL injection

Background SQLAlchemy is a Python SQL toolkit and Object Relational Mapper. Description SQLAlchemy does not properly sanitize input passed from the “limit” and “offset” keywords to the select function before using it in an SQL query. Impact A remote attacker could exploit this vulnerability to...

7.5CVSS7.2AI score0.02862EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2012/09/26 12:0 a.m.40 views

file: Denial of service

Background file is a utility that guesses a file format by scanning binary data for patterns. Description Multiple out-of-bounds read errors and invalid pointer dereference errors have been found in cdf.c. Impact A remote attacker could entice a user to open a specially crafted Composite Document...

4.3CVSS6.5AI score0.04117EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2012/06/25 12:0 a.m.40 views

Postfix: Multiple vulnerabilities

Background Postfix is Wietse Venema’s mailer that attempts to be fast, easy to administer, and secure, as an alternative to the widely-used Sendmail program. Description A vulnerability have been discovered in Postfix. Please review the CVE identifier referenced below for details. Impact An...

6.8CVSS9.9AI score0.21646EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2012/06/25 12:0 a.m.40 views

mount-cifs: Multiple vulnerabilites

Background mount-cifs is the cifs filesystem mount helper split from Samba. Description Multiple vulnerabilities have been discovered in mount-cifs. Please review the CVE identifiers referenced below for details. Impact The vulnerabilities allow local users to cause a denial of service mtab...

4.4CVSS6.3AI score0.00522EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2012/03/06 12:0 a.m.40 views

Puppet: Multiple vulnerabilities

Background Puppet is a system configuration management tool written in Ruby. Description Multiple vulnerabilities have been discovered in Puppet. Please review the CVE identifiers referenced below for details. Impact A local attacker could gain elevated privileges, or access and modify arbitrary...

6.9CVSS7.1AI score0.02454EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2012/01/23 12:0 a.m.40 views

MIT Kerberos 5 Applications: Multiple vulnerabilities

Background A suite of applications that implement the Kerberos 5 network protocol from MIT. Description Multiple vulnerabilities have been discovered in MIT Kerberos 5 Applications: An error in the FTP daemon prevents it from dropping its initial effective group identifier CVE-2011-1526. A bounda...

10CVSS8.4AI score0.95104EPSS
Exploits19
Gentoo Linux
Gentoo Linux
added 2012/01/23 12:0 a.m.40 views

FreeType: Multiple vulnerabilities

Background FreeType is a high-quality and portable font engine. Description Multiple vulnerabilities have been discovered in FreeType. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted font, possibly resulting ...

9.3CVSS8.4AI score0.30653EPSS
Exploits15
Gentoo Linux
Gentoo Linux
added 2012/01/23 12:0 a.m.40 views

Firewall Builder: Privilege escalation

Background Firewall Builder is a GUI for easy management of multiple firewall platforms. Description Two vulnerabilities in Firewall Builder allow the iptables and fwbinstall scripts to use temporary files insecurely. Impact A local attacker could possibly overwrite arbitrary files with the...

6.9CVSS6.5AI score0.00411EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2012/01/08 12:0 a.m.40 views

Chromium, V8: Multiple vulnerabilities

Background Chromium is an open source web browser project. V8 is Google's open source JavaScript engine. Description Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact A context-dependent...

7.5CVSS7.5AI score0.01874EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2010/06/01 12:0 a.m.40 views

Wireshark: Multiple vulnerabilities

Background Wireshark is a versatile network protocol analyzer. Description Multiple vulnerabilities were found in the Daintree SNA file parser, the SMB, SMB2, IPMI, and DOCSIS dissectors. For further information please consult the CVE entries referenced below. Impact A remote attacker could cause...

9.3CVSS7.4AI score0.06768EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2009/07/12 12:0 a.m.40 views

Adobe Reader: User-assisted execution of arbitrary code

Background Adobe Reader is a PDF reader released by Adobe. Description Multiple vulnerabilities have been reported in Adobe Reader: Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in the JBIG2 filter CVE-2009-0198. Mark Dowd of the IBM Internet Security Systems X-Force and...

10CVSS8.7AI score0.25522EPSS
Exploits11
Gentoo Linux
Gentoo Linux
added 2009/05/02 12:0 a.m.40 views

Asterisk: Multiple vulnerabilities

Background Asterisk is an open source telephony engine and toolkit. Description Multiple vulnerabilities have been discovered in the IAX2 channel driver when performing the 3-way handshake CVE-2008-1897, when handling a large number of POKE requests CVE-2008-3263, when handling authentication...

7.8CVSS7.2AI score0.28EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2009/04/14 12:0 a.m.40 views

Ventrilo: Denial of service

Background Ventrilo is a Voice over IP group communication server. Description Luigi Auriemma reported a NULL pointer dereference in Ventrilo when processing packets with an invalid version number followed by another packet. Impact A remote attacker could send specially crafted packets to the...

5CVSS6.3AI score0.09812EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2009/04/08 12:0 a.m.40 views

MIT Kerberos 5: Multiple vulnerabilities

Background MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. kadmind is the MIT Kerberos 5 administration daemon, KDC is the Key Distribution Center. Description Multiple vulnerabilities have been reported in MIT Kerberos 5: A free call on an uninitialized...

10CVSS8.1AI score0.08898EPSS
Exploits3
Total number of security vulnerabilities3816