Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2020/07/26 12:0 a.m.36 views

QtNetwork: Denial of service

Background QtNetwork provides a set of APIs for programming applications that use TCP/IP. It is part of the Qt framework. Description A flaw was discovered in QtNetwork’s handling of OpenSSL protocol errors. Impact An attacker could cause a possible Denial of Service condition. Workaround There i...

7.5CVSS7.4AI score0.03012EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/07/26 12:0 a.m.36 views

libexif: Multiple vulnerabilities

Background libexif is a library for parsing, editing and saving Exif metadata from images. Description Multiple vulnerabilities have been discovered in libexif. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

9.1CVSS3.1AI score0.04059EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/05/14 12:0 a.m.36 views

libmicrodns: Multiple vulnerabilities

Background libmicrodns is an mDNS library, focused on being simple and cross-platform. Description Multiple vulnerabilities have been discovered in libmicrodns. Please review the CVE identifiers and the upstream advisory referenced below for details. Impact Please review the referenced CVE...

9.8CVSS2.9AI score0.03636EPSS
Exploits7
Gentoo Linux
Gentoo Linux
added 2020/03/25 12:0 a.m.36 views

WeeChat: Multiple vulnerabilities

Background Wee Enhanced Environment for Chat WeeChat is a light and extensible console IRC client. Description Multiple vulnerabilities have been discovered in WeeChat. Please review the CVE identifiers referenced below for details. Impact A remote attacker, by sending a specially crafted IRC...

9.8CVSS3.1AI score0.03684EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2019/08/15 12:0 a.m.36 views

libarchive: Multiple vulnerabilities

Background libarchive is a library for manipulating different streaming archive formats, including certain tar variants, several cpio formats, and both BSD and GNU ar variants. Description Multiple vulnerabilities have been discovered in libarchive. Please review the CVE identifiers referenced...

7.5CVSS3AI score0.03367EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/08/15 12:0 a.m.36 views

glibc: Multiple vulnerabilities

Background glibc is a package that contains the GNU C library. Description Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workarou...

7.5CVSS7.5AI score0.05532EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2018/12/30 12:0 a.m.36 views

Rust: Multiple vulnerabilities

Background A systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. Description Multiple vulnerabilities have been discovered in Rust. Please review the CVE identifiers referenced below for details. Impact A remote attacker able to control the val...

9.8CVSS8.7AI score0.02955EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/11/30 12:0 a.m.36 views

PostgreSQL: SQL injection

Background PostgreSQL is an open source object-relational database management system. Description A vulnerability was discovered in PostgreSQL’s pgupgrade and pgdump. Impact An attacker, by enticing a user to process a specially crafted trigger definition, can execute arbitrary SQL statements wit...

9.8CVSS9.2AI score0.0515EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/04/08 12:0 a.m.36 views

libvirt: Multiple vulnerabilities

Background libvirt is a C toolkit for manipulating virtual machines. Description Multiple vulnerabilities have been discovered in libvirt. Please review the CVE identifiers referenced below for details. Impact A local privileged attacker could execute arbitrary commands or cause a Denial of Servi...

7.8CVSS3.5AI score0.03175EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/10/13 12:0 a.m.36 views

WebKitGTK+: Multiple Vulnerabilities

Background WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, offers Webkit’s full functionality and is used on a wide range of systems. Description Multiple vulnerabilities have been discovered in WebkitGTK+. Please...

9.3CVSS9AI score0.095EPSS
Exploits25
Gentoo Linux
Gentoo Linux
added 2017/06/27 12:0 a.m.36 views

KAuth and KDELibs: Privilege escalation

Background KAuth provides a convenient, system-integrated way to offload actions that need to be performed as a privileged user root, for example to small hopefully secure helper utilities. The KDE libraries, basis of KDE and used by many open source projects. Description KAuth and KDELibs contai...

7.8CVSS2.3AI score0.01805EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2017/05/26 12:0 a.m.37 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

9.3CVSS9.7AI score0.20353EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2016/12/05 12:0 a.m.36 views

Patch: Denial of service

Background Patch takes a patch file containing a difference listing produced by the diff program and applies those differences to one or more original files, producing patched versions. Description Due to a flaw in Patch, the application can enter an infinite loop when processing a specially...

2.7AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/11/15 12:0 a.m.36 views

polkit: Heap-corruption on duplicate IDs

Background polkit is a toolkit for managing policies relating to unprivileged processes communicating with privileged processes. Description A vulnerability was discovered in polkit’s polkitbackendactionpoolinit function due to duplicate action IDs in action descriptions. Impact Local attackers a...

4.6CVSS5.2AI score0.00365EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/07/20 12:0 a.m.36 views

Bugzilla: Multiple vulnerabilities

Background Bugzilla is the bug-tracking system from the Mozilla project. Description Multiple vulnerabilities have been discovered in Bugzilla. Please review the CVE identifiers referenced below for details. Impact Privileged account holders could execute system level commands, and the new user...

6.5CVSS6.9AI score0.02326EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/03/12 12:0 a.m.36 views

QtGui: Multiple vulnerabilities

Background QtGui is the GUI module and platform plugins for the Qt framework Description Multiple buffer overflow vulnerabilities have been discovered in QtGui. It is possible for remote attackers to construct specially crafted BMP, ICO, or GIF images that lead to buffer overflows. After...

6.8CVSS9.7AI score0.08736EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/12/30 12:0 a.m.36 views

ClamAV: Multiple vulnerabilities

Background ClamAV is a GPL virus scanner. Description Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details. Impact A remote attacker could cause ClamAV to scan a specially crafted file, possibly resulting in a Denial of Service...

7.5CVSS6.9AI score0.03234EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/10/31 12:0 a.m.36 views

cups-filters: Multiple vulnerabilities

Background cups-filters is an OpenPrinting CUPS Filters. Description Multiple vulnerabilities have been discovered in cups-filters. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted print job using cups-filters...

7.5CVSS7.4AI score0.08295EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/07/23 12:0 a.m.36 views

e2fsprogs: Arbitrary code execution

Background e2fsprogs is a set of utilities for maintaining the ext2, ext3 and ext4 file systems. Description e2fsprogs has a heap-based buffer overflow in closefs.c in the libext2fs library. Impact A local attacker could execute arbitrary code via a specially crafted block group descriptor...

4.6CVSS9.6AI score0.00596EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/06/22 12:0 a.m.36 views

GnuTLS: Multiple vulnerabilities

Background GnuTLS is an Open Source implementation of the TLS and SSL protocols. Description Multiple vulnerabilities have been discovered in GnuTLS. Please review the CVE identifiers and external references below for details. Impact A context-dependent attacker can cause a denial of service...

7.5CVSS6.6AI score0.03921EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/04/11 12:0 a.m.36 views

sudo: Information disclosure

Background sudo allows a system administrator to give users the ability to run commands as other users. Access to commands may also be granted on a range to hosts. Description sudo does not handle the TZ environment variable properly. Impact A local attacker may be able to read arbitrary files or...

3.3CVSS5.3AI score0.0047EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2015/02/25 12:0 a.m.36 views

grep: Denial of service

Background grep is the GNU regular expression matcher. Description A heap buffer overrun has been fixed in the bmexectrans function in kwset.c. Impact A local user can cause Denial of Service. Workaround There is no known workaround at this time. Resolution All grep users should upgrade to the...

2.1CVSS9.1AI score0.00486EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2015/02/07 12:0 a.m.36 views

nginx: Information disclosure

Background nginx is a robust, small, and high performance HTTP and reverse proxy server. Description An SSL session fixation vulnerability has been found in nginx when multiple servers use the same shared sslsessioncache or sslsessionticketkey. Impact A remote attacker may be able to obtain...

4.3CVSS6.2AI score0.05654EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/12/27 12:0 a.m.36 views

file: Denial of service

Background The file utility attempts to identify a file’s format by scanning binary data for patterns. Description An issue with the ELF parser used by the file utility can cause a resource consumption when reading a specially-crafted ELF binary. Impact A context-dependent attacker may be able to...

5CVSS7.7AI score0.05926EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/12/22 12:0 a.m.36 views

sendmail: Information disclosure

Background sendmail is a widely-used Mail Transport Agent MTA. Description The smcloseonexec function in conf.c has arguments in the wrong order. Impact A local attacker could get access to unintended high-numbered file descriptors via a specially crafted program. Workaround There is no known...

1.9CVSS6AI score0.0063EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/12/13 12:0 a.m.36 views

MCollective: Privilege escalation

Background MCollective is a framework to build server orchestration or parallel job execution systems. Description Two vulnerabilities have been found in MCollective: An untrusted search path vulnerability exists in MCollective CVE-2014-3248 MCollective does not properly validate server...

6.2CVSS7.7AI score0.00537EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/12/13 12:0 a.m.36 views

CouchDB: Denial of service

Background Apache CouchDB is a distributed, fault-tolerant and schema-free document-oriented database. Description CouchDB does not properly sanitize the count parameter for Universally Unique Identifiers UUID requests. Impact A remote attacker could send a specially crafted request to CouchDB,...

5CVSS6.4AI score0.22289EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/12/13 12:0 a.m.36 views

Xfig: User-assisted execution of arbitrary code

Background Xfig is an interactive drawing tool. Description A stack-based buffer overflow and a stack consumption vulnerability have been found in Xfig. Impact A remote attacker could entice a user to open a specially-crafted file, potentially resulting in arbitrary code execution or a Denial of...

6.8CVSS7.6AI score0.10603EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/09/19 12:0 a.m.36 views

libxml2: Denial of service

Background libxml2 is the XML C parser and toolkit developed for the Gnome project. Description A vulnerability in the xmlParserHandlePEReference function of parser.c, when expanding entity references, can be exploited to consume large amounts of memory and cause a crash or hang. Impact A remote...

4.3CVSS7.7AI score0.081EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/08/29 12:0 a.m.36 views

Libgcrypt: Side-channel attack

Background Libgcrypt is a general purpose cryptographic library derived out of GnuPG. Description A vulnerability in the implementation of ElGamal decryption procedures of Libgcrypt leaks information to various side-channels. Impact A physical side-channel attack allows a remote attacker to fully...

2.1CVSS5.9AI score0.00531EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/08/29 12:0 a.m.36 views

Jinja2: Multiple vulnerabilities

Background Jinja2 is a template engine written in pure Python. Description Multiple vulnerabilities have been discovered in Jinja2. Please review the CVE identifiers referenced below for details. Impact A local attacker could gain escalated privileges via a specially crafted cache file or...

4.4CVSS6.7AI score0.0043EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/08/29 12:0 a.m.36 views

GNU Libtasn1: Multiple vulnerabilities

Background The ASN.1 library used in GNUTLS. Description Multiple vulnerabilities have been discovered in GNU Libtasn1. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker could possibly cause a Denial of Service condition. Workaround There is no...

7.5CVSS6.3AI score0.068EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/08/14 12:0 a.m.36 views

libpng: Multiple vulnerabilities

Background libpng is a standard library used to process PNG Portable Network Graphics images. It is used by several programs, including web browsers and potentially server processes. Description The pngpushreadchunk function in pngpread.c in the progressive decoder enters an infinite loop, when i...

6.5CVSS9.2AI score0.03321EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/07/09 12:0 a.m.36 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

7.5CVSS7.7AI score0.23024EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2014/05/18 12:0 a.m.36 views

Mono: Denial of service

Background Mono is an open source implementation of Microsoft’s .NET Framework. Description Mono does not properly randomize hash functions for form posts to protect against hash collision attacks. Impact A remote attacker could send specially crafted parameters, possibly resulting in a Denial of...

7.5CVSS7.5AI score0.02583EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/05/18 12:0 a.m.36 views

Symfony: Information disclosure

Background Symfony is a professional, open-source PHP5 web development framework. Description Symfony does not properly sanitize input for upload requests. Impact A remote attacker could send a specially crafted file upload request, possibly resulting in disclosure of sensitive information...

5CVSS6.4AI score0.0349EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/02/21 12:0 a.m.36 views

GnuPG, Libgcrypt: Multiple vulnerabilities

Background The GNU Privacy Guard, GnuPG, is a free replacement for the PGP suite of cryptographic software. Libgcrypt is a cryptographic library based on GnuPG. Description Multiple vulnerabilities have been discovered in GnuPG and Libgcrypt. Please review the CVE identifiers referenced below for...

5.8CVSS9AI score0.0503EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2013/12/16 12:0 a.m.36 views

MIT Kerberos 5: Multiple vulnerabilities

Background MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. Description Multiple vulnerabilities have been discovered in the Key Distribution Center in MIT Kerberos 5. Please review the CVE identifiers referenced below for details. Impact A remote attacker...

9.3CVSS7.4AI score0.06485EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2013/11/28 12:0 a.m.36 views

Namazu: Multiple vulnerabilities

Background Namazu is a full-text search engine intended for easy use. Description Multiple vulnerabilities have been discovered in Namazu. Please review the CVE identifiers referenced below for details. Impact A remote attacker could execute arbitrary code or cause a Denial of Service condition...

7.5CVSS7.3AI score0.04502EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2013/11/28 12:0 a.m.36 views

cpio: Arbitrary code execution

Background GNU cpio copies files into or out of a cpio or tar archive. Description Cpio contains a heap-based buffer overflow in the rmtread function in lib/rtapelib.c. Impact A remote server could sending more data than was requested, related to archive filenames that contain a : colon character...

6.8CVSS8.2AI score0.04747EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2013/10/17 12:0 a.m.36 views

Perl Parallel-ForkManager Module: Insecure temporary file usage

Background Parallel-ForkManager is a simple parallel processing fork manager for Perl. Description The Perl Parallel-ForkManager module does not handle temporary files securely. Impact A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user...

7.5CVSS7.3AI score0.01735EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2013/09/15 12:0 a.m.36 views

Adobe Reader: Arbitrary Code Execution

Background Adobe Reader is a closed-source PDF reader. Description An unspecified vulnerability exists in Adobe Reader. Impact An attacker could execute arbitrary code or cause a Denial of Service condition. Workaround There is no known workaround at this time. Resolution All Adobe Reader users...

10CVSS7.1AI score0.78581EPSS
Exploits8
Gentoo Linux
Gentoo Linux
added 2013/09/01 12:0 a.m.36 views

strongSwan: Multiple vulnerabilities

Background strongSwan is an IPSec implementation for Linux. Description Multiple vulnerabilities have been discovered in strongSwan. Please review the CVE identifiers referenced below for details. Impact A remote attacker could use ECDSA to authenticate as another user with an invalid signature...

5.1CVSS6.8AI score0.02985EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2012/10/18 12:0 a.m.36 views

qemu-kvm: Multiple vulnerabilities

Background qemu-kvm provides QEMU and Kernel-based Virtual Machine userland tools. Description Multiple vulnerabilities have been discovered in qemu-kvm. Please review the CVE identifiers referenced below for details. Impact These vulnerabilities allow a remote attacker to cause a Denial of Servi...

7.4CVSS7.5AI score0.01903EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2012/06/25 12:0 a.m.36 views

sendmail: X.509 NULL spoofing vulnerability

Background sendmail is a widely-used Mail Transport Agent MTA. Description A vulnerability has been discovered in sendmail. Please review the CVE identifier referenced below for details. Impact A remote attacker might employ a specially crafted certificate to conduct man-in-the-middle attacks on...

7.5CVSS6.2AI score0.02374EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2012/06/23 12:0 a.m.36 views

NVIDIA Drivers: Privilege escalation

Background The NVIDIA drivers provide X11 and GLX support for NVIDIA graphic boards. Description A vulnerability has been found in the way NVIDIA drivers handle read/write access to GPU device nodes, allowing access to arbitrary system memory locations. NOTE: Exposure to this vulnerability is...

4.6CVSS6.5AI score0.00725EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2012/06/23 12:0 a.m.36 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

9.3CVSS7.5AI score0.85698EPSS
Exploits11
Gentoo Linux
Gentoo Linux
added 2012/06/21 12:0 a.m.36 views

Asterisk: Multiple vulnerabilities

Background Asterisk is an open source telephony engine and toolkit. Description Multiple vulnerabilities have been found in Asterisk: An error in manager.c allows shell access through the MixMonitor application, GetVar, or Status CVE-2012-2414. An error in chanskinny.c could cause a heap-based...

6.5CVSS8.1AI score0.02721EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2012/06/21 12:0 a.m.36 views

tftp-hpa: Remote buffer overflow

Background tftp-hpa is the port of the OpenBSD TFTP server. Description A vulnerability has been discovered in tftp-hpa. Please review the CVE identifier referenced below for details. Impact The vulnerability might allow remote attackers to execute arbitrary code. Workaround There is no known...

7.5CVSS4.1AI score0.05246EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2011/11/20 12:0 a.m.36 views

Perl Safe module: Arbitrary Perl code injection

Background Safe is a Perl module to compile and execute code in restricted compartments. Description Unsafe code evaluation prevents the Safe module from properly restricting the code of implicitly called methods on implicitly blessed objects. Impact A remote attacker could entice a user to load ...

7.5CVSS6.9AI score0.03715EPSS
Exploits2
Total number of security vulnerabilities3816