Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
•added 2017/10/29 12:0 a.m.•38 views

X.Org Server: Multiple vulnerabilities

Background The X.Org project provides an open source implementation of the X Window System. Description Multiple vulnerabilities have been discovered in X.Org Server. Please review the referenced CVE identifiers for details. Impact A local attacker could cause a global buffer overflow or a Denial...

7.8CVSS7.4AI score0.02879EPSS
Exploits3
Gentoo Linux
Gentoo Linux
•added 2017/06/20 12:0 a.m.•38 views

GNU Wget: Header injection

Background GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the most widely-used Internet protocols. Description It was discovered that there was a header injection vulnerability in GNU Wget which allowed remote attackers to inject arbitrary HTTP headers via CRL...

6.1CVSS7.2AI score0.03086EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2017/06/06 12:0 a.m.•38 views

minicom: Remote execution of arbitrary code

Background Minicom is a text-based serial port communications program. Description In minicom before version 2.7.1, the escparms buffer in vt100.c is vulnerable to an overflow. Impact A remote attacker, able to connect to a minicom port, could possibly execute arbitrary code with the privileges o...

9.8CVSS6.2AI score0.02757EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2017/01/23 12:0 a.m.•38 views

T1Lib: : Multiple vulnerabilities

Background T1Lib is a library for rasterizing bitmaps from Adobe Type 1 fonts. Description Multiple vulnerabilities have been discovered in T1Lib. Please review the CVE identifiers referenced below for details. Impact Remote attackers, by coercing users to process specially crafted AFM font or PD...

7.6CVSS8.5AI score0.1427EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2016/12/13 12:0 a.m.•38 views

GPL Ghostscript: User-assisted execution of arbitrary code

Background Ghostscript is an interpreter for the PostScript language and for PDF. Description An integer overflow flaw was discovered that leads to an out-of-bounds read and write in gsttf.ps. Impact A remote attacker could entice a user to open a specially crafted file, possibly resulting in the...

6.8CVSS7.1AI score0.03748EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2016/12/12 12:0 a.m.•38 views

exFAT: Multiple vulnerabilities

Background A full-featured exFAT file system implementation for Unix-like systems. Description Two vulnerabilities were found in exFAT. A malformed input can cause a write heap overflow or cause an endless loop. Impact Remote attackers could execute arbitrary code or cause Denial of Service...

7.8CVSS8.5AI score0.04451EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2016/11/22 12:0 a.m.•38 views

TestDisk: User-assisted execution of arbitrary code

Background TestDisk is powerful free data recovery software! It was primarily designed to help recover lost partitions and/or make non-booting disks bootable again when these symptoms are caused by faulty software: certain types of viruses or human error such as accidentally deleting a Partition...

2.6AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2016/06/26 12:0 a.m.•38 views

FreeXL: Multiple vulnerabilities

Background FreeXL is an open source library to extract valid data from within an Excel .xls spreadsheet. Description FreeXL’s shared strings and workbook functions are vulnerable to the remote execution of arbitrary code and Denial of Service. This can be achieved through specially crafted...

6.8CVSS7.4AI score0.03364EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2016/05/14 12:0 a.m.•38 views

Chromium: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Description Multiple vulnerabilities have been discovered in the Chromium web browser. Please review the CVE identifiers referenced below for details...

10CVSS1.4AI score0.4811EPSS
Exploits3
Gentoo Linux
Gentoo Linux
•added 2016/02/27 12:0 a.m.•38 views

libwmf: Multiple vulnerabilities

Background libwmf is a library for converting WMF files. Description Multiple vulnerabilities have been discovered in libwmf. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process or cause...

6.8CVSS8.1AI score0.09221EPSS
Exploits3
Gentoo Linux
Gentoo Linux
•added 2015/07/10 12:0 a.m.•38 views

Perl: Denial of service

Background Perl is a highly capable, feature-rich programming language. Description Sregmatch function lacks proper checks before passing arguments to atoi Impact A remote attacker could send a specially crafted input, possibly resulting in a Denial of Service condition. Workaround There is no...

7.5CVSS7.6AI score0.03045EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2015/04/17 12:0 a.m.•38 views

X.Org X Server: Multiple vulnerabilities

Background The X Window System is a graphical windowing system based on a client/server model. Description Multiple vulnerabilities have been discovered in X.Org X Server. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary cod...

6.5CVSS7.8AI score0.05192EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2014/12/13 12:0 a.m.•38 views

D-Bus: Multiple Vulnerabilities

Background D-Bus is a message bus system, a simple way for applications to talk to one another. Description Multiple vulnerabilities have been discovered in D-Bus. Please review the CVE identifiers referenced below for details. Impact A local attacker could possibly cause a Denial of Service...

4.4CVSS7AI score0.00594EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2014/09/19 12:0 a.m.•38 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

10CVSS9AI score0.84178EPSS
Exploits7
Gentoo Linux
Gentoo Linux
•added 2014/06/26 12:0 a.m.•38 views

Django: Multiple vulnerabilities

Background Django is a Python-based web framework. Description Multiple vulnerabilities have been discovered in Django. Please review the CVE identifiers referenced below for details. Impact A remote attacker could execute code with the privileges of the process, modify SQL queries, or disclose...

10CVSS7.6AI score0.0565EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2014/06/25 12:0 a.m.•38 views

Dnsmasq: Denial of Service

Background Dnsmasq is a lightweight, easy to configure DNS forwarder and DHCP server. Description When used with certain libvirt configurations Dnsmasq replies to queries from prohibited interfaces. Impact A remote attackers can cause a Denial of Service via spoofed TCP based DNS queries...

5CVSS6.4AI score0.05028EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2014/04/08 12:0 a.m.•38 views

Mesa: Multiple vulnerabilities

Background Mesa is an OpenGL-like graphic library for Linux. Description Multiple vulnerabilities have been discovered in Mesa. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, or cau...

10CVSS7.7AI score0.04641EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2014/02/21 12:0 a.m.•38 views

libssh: Arbitrary code execution

Background libssh is a C library providing SSHv2 and SSHv1. Description Multiple buffer overflow, double free, and integer overflow vulnerabilities have been discovered in libssh. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial o...

7.5CVSS7.8AI score0.12849EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2014/01/06 12:0 a.m.•38 views

ISC DHCP: Denial of service

Background ISC DHCP is a Dynamic Host Configuration Protocol DHCP client/server. Description ISC DHCP is vulnerable to a memory exhaustion attack involving regular expressions sent by DHCP clients. Impact A remote attacker could send a specially crafted request from a malicious or spoofed client,...

4.9CVSS6.4AI score0.01166EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2013/09/14 12:0 a.m.•38 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple unspecified vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A...

10CVSS7.8AI score0.77597EPSS
Exploits16
Gentoo Linux
Gentoo Linux
•added 2012/09/25 12:0 a.m.•38 views

Calligra: User-assisted execution of arbitrary code

Background Calligra is an office suite by KDE. Description An error in the read function in styles.cpp could cause a heap-based buffer overflow. Impact A remote attacker could entice a user to open a specially crafted ODF file, possibly resulting in execution of arbitrary code with the privileges...

7.5CVSS7.1AI score0.20073EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2012/09/05 12:0 a.m.•38 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple unspecified vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A...

10CVSS7.4AI score0.70384EPSS
Exploits11
Gentoo Linux
Gentoo Linux
•added 2012/01/28 12:0 a.m.•38 views

Chromium: Multiple vulnerabilities

Background Chromium is an open source web browser project. Description Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details. Impact A remote attacker could entice a user to open a specially crafted web site usi...

7.5CVSS7.4AI score0.01831EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2010/09/07 12:0 a.m.•38 views

Clam AntiVirus: Multiple vulnerabilities

Background Clam AntiVirus short: ClamAV is an anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. Description Multiple vulnerabilities were discovered in Clam AntiVirus. For further information, please consult the CVE entries referenced below. Impact A remote...

10CVSS9.5AI score0.04894EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2009/08/18 12:0 a.m.•38 views

CDF: User-assisted execution of arbitrary code

Background CDF is a library for the Common Data Format which is a self-describing data format for the storage and manipulation of scalar and multidimensional data. It is developed by the NASA. Description Leon Juranic reported multiple heap-based buffer overflows for instance in the ReadAEDRList6...

9.3CVSS7.2AI score0.0286EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2009/08/01 12:0 a.m.•38 views

OpenSC: Multiple vulnerabilities

Background OpenSC provides a set of libraries and utilities to access smart cards. Description Multiple vulnerabilities were found in OpenSC: b.badrignans discovered that OpenSC incorrectly initialises private data objects CVE-2009-0368. Miquel Comas Marti discovered that src/tools/pkcs11-tool.c ...

7.5CVSS8AI score0.01215EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2009/04/08 12:0 a.m.•38 views

MIT Kerberos 5: Multiple vulnerabilities

Background MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. kadmind is the MIT Kerberos 5 administration daemon, KDC is the Key Distribution Center. Description Multiple vulnerabilities have been reported in MIT Kerberos 5: A free call on an uninitialized...

10CVSS8.1AI score0.08898EPSS
Exploits3
Gentoo Linux
Gentoo Linux
•added 2009/03/19 12:0 a.m.•38 views

FFmpeg: Multiple vulnerabilities

Background FFmpeg is a complete solution to record, convert and stream audio and video. gst-plugins-ffmpeg is a FFmpeg based gstreamer plugin which includes a vulnerable copy of FFmpeg code. Mplayer is a multimedia player which also includes a vulnerable copy of the code. Description Multiple...

10CVSS7.5AI score0.09251EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2008/06/23 12:0 a.m.•38 views

FreeType: User-assisted execution of arbitrary code

Background FreeType is a font rendering library for TrueType Font TTF and Printer Font Binary PFB. Description Regenrecht reported multiple vulnerabilities in FreeType via iDefense: An integer overflow when parsing values in the Private dictionary table in a PFB file, leading to a heap-based buff...

7.5CVSS7.8AI score0.04217EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2008/05/11 12:0 a.m.•38 views

Pngcrush: User-assisted execution of arbitrary code

Background Pngcrush is a multi platform optimizer for PNG Portable Network Graphics files. Description It has been reported that Pngcrush includes a copy of libpng that is vulnerable to a memory corruption GLSA 200804-15. Impact A remote attacker could entice a user to process a specially crafted...

7.5CVSS7.8AI score0.05514EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2008/04/14 12:0 a.m.•38 views

Asterisk: Multiple vulnerabilities

Background Asterisk is an open source telephony engine and tool kit. Description Asterisk upstream developers reported multiple vulnerabilities: The Call Detail Record Postgres logging engine cdrpgsql does not correctly escape the ANI and DNIS arguments before using them in SQL statements...

8.8CVSS7.8AI score0.02811EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2008/04/11 12:0 a.m.•38 views

gnome-screensaver: Privilege escalation

Background gnome-screensaver is a screensaver, designed to integrate with the Gnome desktop, that can replace xscreensaver. Description gnome-screensaver incorrectly handles the results of the getpwuid function in the file src/setuid.c when using directory servers like NIS during a network outage...

4.7CVSS6.2AI score0.01336EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2008/03/09 12:0 a.m.•38 views

phpMyAdmin: SQL injection vulnerability

Background phpMyAdmin is a free web-based database administration tool. Description Richard Cunningham reported that phpMyAdmin uses the $REQUEST variable of $GET and $POST as a source for its parameters. Impact An attacker could entice a user to visit a malicious web application that sets an...

5.1CVSS7.3AI score0.00912EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2008/01/20 12:0 a.m.•38 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the popular SWF file format, which is commonly used to provide interactive websites, digital experiences and mobile content. Description Flash contains a copy of PCRE which is vulnerable to a heap-based buffer overflow GLSA 200711-30,...

9.3CVSS10AI score0.30065EPSS
Exploits4
Gentoo Linux
Gentoo Linux
•added 2008/01/09 12:0 a.m.•38 views

Xfce: Multiple vulnerabilities

Background Xfce is a GTK+ 2 based desktop environment that allows to run a modern desktop environment on modest hardware. Description Gregory Andersen reported that the Xfce4 panel does not correctly calculate memory boundaries, leading to a stack-based buffer overflow in the...

10CVSS7.6AI score0.03983EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2007/11/12 12:0 a.m.•38 views

Mozilla Firefox, SeaMonkey, XULRunner: Multiple vulnerabilities

Background Mozilla Firefox is a cross-platform web browser from Mozilla. SeaMonkey is a free, cross-platform Internet suite. Description Multiple vulnerabilities have been reported in Mozilla Firefox and SeaMonkey. Various errors in the browser engine and the Javascript engine can be exploited to...

9.3CVSS8.2AI score0.12736EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2007/11/07 12:0 a.m.•38 views

Python: User-assisted execution of arbitrary code

Background Python is an interpreted, interactive, object-oriented programming language. Description Slythers Bro discovered multiple integer overflows in the imageop module, one of them in the tovideo method, in various locations in files imageop.c, rbgimgmodule.c, and also in other files. Impact...

5.8CVSS5.8AI score0.12488EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2007/10/27 12:0 a.m.•38 views

OpenSSL: Remote execution of arbitrary code

Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 as well as a general purpose cryptography library. Description Andy Polyakov reported a vulnerability in the OpenSSL toolkit, that is caused due to an unspecified...

9.3CVSS9.2AI score0.11164EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2007/10/13 12:0 a.m.•38 views

Ampache: Multiple vulnerabilities

Background Ampache is a PHP-based tool for managing, updating and playing audio files via a web interface. Description LT discovered that the "match" parameter in albums.php is not properly sanitized before being processed. The Ampache development team also reported an error when handling user...

6.8CVSS7.1AI score0.01474EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2007/09/19 12:0 a.m.•38 views

Poppler: Two buffer overflow vulnerabilities

Background Poppler is a cross-platform PDF rendering library originally based on Xpdf. Description Poppler and Xpdf are vulnerable to an integer overflow in the StreamPredictor::StreamPredictor function, and a stack overflow in the StreamPredictor::getNextLine function. The original vulnerability...

6.8CVSS7.3AI score0.08565EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2007/08/19 12:0 a.m.•38 views

Apache mod_jk: Directory traversal

Background Apache modjk is a connector for the Tomcat web server. Description Apache modjk decodes the URL within Apache before passing them to Tomcat, which decodes them a second time. Impact A remote attacker could browse a specially crafted URL on an Apache server running modjk, possibly gaini...

5CVSS6.4AI score0.12924EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2007/08/08 12:0 a.m.•38 views

Macromedia Flash Player: Remote arbitrary code execution

Background The Macromedia Flash Player is a renderer for the popular SWF file type which is commonly used to provide interactive websites, digital experiences and mobile content. Description Mark Hills discovered some errors when interacting with a browser for keystrokes handling CVE-2007-2022...

9.3CVSS7AI score0.56309EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2007/07/01 12:0 a.m.•38 views

Firebird: Buffer overflow

Background Firebird is an open source relational database that runs on Linux, Windows, and various UNIX systems. Description Cody Pierce from TippingPoint DVLabs has discovered a buffer overflow when processing "connect" requests with an overly large "pcnctcount" value. Impact An unauthenticated...

10CVSS7.5AI score0.13206EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2007/06/19 12:0 a.m.•38 views

PHProjekt: Multiple vulnerabilities

Background PHProjekt is a project management and coordination tool written in PHP. Description Alexios Fakos from n.runs AG has discovered multiple vulnerabilities in PHProjekt, including the execution of arbitrary SQL commands using unknown vectors CVE-2007-1575, the execution of arbitrary PHP...

7.5CVSS7.3AI score0.02021EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2007/05/01 12:0 a.m.•38 views

Tomcat: Information disclosure

Background Tomcat is the Apache Jakarta Project's official implementation of Java Servlets and Java Server Pages. Description Tomcat allows special characters like slash, backslash or URL-encoded backslash as a separator, while Apache does not. Impact A remote attacker could send a specially...

5CVSS6.4AI score0.90768EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2007/04/17 12:0 a.m.•38 views

File: Denial of service

Background file is a utility that identifies a file format by scanning binary data for patterns. Description Conor Edberg discovered an error in the way file processes a specific regular expression. Impact A remote attacker could entice a user to open a specially crafted file, using excessive CPU...

7.8CVSS9AI score0.02092EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2007/04/06 12:0 a.m.•38 views

libwpd: Multiple vulnerabilities

Background libwpd is a library used to convert Wordperfect documents into other formats. Description libwpd contains heap-based overflows in two functions that convert WordPerfect document tables. In addition, it contains an integer overflow in a text-conversion function. Impact An attacker could...

9.3CVSS7.3AI score0.06722EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2007/04/02 12:0 a.m.•38 views

Asterisk: Two SIP Denial of Service vulnerabilities

Background Asterisk is an open source implementation of a telephone private branch exchange PBX. Description The Madynes research team at INRIA has discovered that Asterisk contains a null pointer dereferencing error in the SIP channel when handling INVITE messages. Furthermore qwerty1979...

7.8CVSS6.5AI score0.14486EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2007/01/15 12:0 a.m.•38 views

WordPress: Multiple vulnerabilities

Background WordPress is a popular personal publishing platform with a web interface. Description When decoding trackbacks with alternate character sets, WordPress does not correctly sanitize the entries before further modifying a SQL query. WordPress also displays different error messages in...

6.8CVSS6.5AI score0.07357EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2006/05/10 12:0 a.m.•38 views

Ruby: Denial of service

Background Ruby is an interpreted scripting language for quick and easy object-oriented programming. It comes bundled with HTTP "WEBrick" and XMLRPC server objects. Description Ruby uses blocking sockets for WEBrick and XMLRPC servers. Impact An attacker could send large amounts of data to an...

5CVSS6.2AI score0.10192EPSS
Exploits0
Total number of security vulnerabilities3816