Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2004/10/20 12:0 a.m.37 views

Ghostscript: Insecure temporary file use in multiple scripts

Background Ghostscript is a software package providing an interpreter for the PostScript language and the PDF file format. It also provides output drivers for various file formats and printers. Description The pj-gs.sh, ps2epsi, pv.sh and sysvlp.sh scripts create temporary files in world-writeabl...

7.2CVSS6.1AI score0.00474EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/10/18 12:0 a.m.37 views

Squid: Remote DoS vulnerability

Background Squid is a full-featured Web proxy cache designed to run on Unix systems. It supports proxying and caching of HTTP, FTP, and other URLs, as well as SSL support, cache hierarchies, transparent caching, access control lists and many other features. Description A parsing error exists in t...

5CVSS6.1AI score0.1603EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/08/22 12:0 a.m.37 views

Qt: Image loader overflows

Background Qt is a cross-platform GUI toolkit used by KDE. Description There are several unspecified bugs in the QImage class which may cause crashes or allow execution of arbitrary code as the user running the Qt application. These bugs affect the PNG, XPM, BMP, GIF and JPEG image types. Impact ...

7.5CVSS7AI score0.14694EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/07/19 12:0 a.m.37 views

Unreal Tournament 2003/2004: Buffer overflow in 'secure' queries

Background Unreal Tournament 2003 and 2004 are popular first-person-shooter games. They are both based on the Unreal engine, and can be used in a game server / client setup. Description The Unreal-based game servers support a specific type of query called 'secure'. Part of the Gamespy protocol,...

10CVSS7.5AI score0.73544EPSS
Exploits10
Gentoo Linux
Gentoo Linux
added 2004/06/22 12:0 a.m.37 views

IPsec-Tools: authentication bug in racoon

Background IPsec-Tools is a port of KAME's implementation of the IPsec utilities. It contains a collection of network monitoring tools, including racoon, ping, and ping6. Description The KAME IKE daemon racoon is used to authenticate peers during Phase 1 when using either preshared keys, GSS-API,...

10CVSS6.1AI score0.0544EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/06/21 12:0 a.m.37 views

Apache 1.3: Buffer overflow in mod_proxy

Background The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems. The goal of this project is to provide a secure, efficient and extensible server that provides services in tune with the current HTTP standards. Description A bu...

10CVSS7.2AI score0.33639EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/06/09 12:0 a.m.37 views

Mailman: Member password disclosure vulnerability

Background Mailman is a python-based mailing list server with an extensive web interface. Description Mailman contains an unspecified vulnerability in the handling of request emails. Impact By sending a carefully crafted email request to the mailman server an attacker could obtain member password...

5CVSS6.3AI score0.02984EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/03/31 12:0 a.m.37 views

Multiple Security Vulnerabilities in Monit

Background Monit is a system administration utility that allows management and monitoring of processes, files, directories and devices on a Unix system. Description A denial of service may occur due to Monit not sanitizing remotely supplied HTTP parameters before passing them to memory allocation...

10CVSS7.3AI score0.21107EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2003/10/28 12:0 a.m.37 views

Apache: multiple buffer overflows

Background The Apache HTTP Server is one of the most popular web servers on the Internet. Description Multiple stack-based buffer overflows in modalias and modrewrite allow attackers who can create or edit configuration files including .htaccess files, to cause a denial of service and execute...

7.2CVSS7.4AI score0.1273EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/08/12 12:0 a.m.36 views

PHP: Multiple Vulnerabilities

Background PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Description Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact Please review th...

9.8CVSS7.4AI score0.99987EPSS
Exploits74
Gentoo Linux
Gentoo Linux
added 2024/08/11 12:0 a.m.36 views

matio: Multiple Vulnerabilities

Background matio is a library for reading and writing matlab files. Description Multiple vulnerabilities have been discovered in matio. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

8.8CVSS7.6AI score0.01503EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/07/24 12:0 a.m.36 views

Dmidecode: Privilege Escalation

Background Dmidecode reports information about your system's hardware as described in your system BIOS according to the SMBIOS/DMI standard see a sample output. This information typically includes system manufacturer, model name, serial number, BIOS version, asset tag as well as a lot of other...

7.1CVSS6.7AI score0.00523EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2024/05/07 12:0 a.m.36 views

libjpeg-turbo: Multiple Vulnerabilities

Background libjpeg-turbo is a MMX, SSE, and SSE2 SIMD accelerated JPEG library. Description Multiple vulnerabilities have been discovered in libjpeg-turbo. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround...

8.8CVSS7.6AI score0.02728EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2024/02/19 12:0 a.m.36 views

Mozilla Firefox: Multiple Vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

8.8CVSS10AI score0.02155EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/01/05 12:0 a.m.36 views

RDoc: Command Injection

Background RDoc produces HTML and command-line documentation for Ruby projects. Description A vulnerability has been discovered in RDoc. Please review the CVE identifier referenced below for details. Impact RDoc used to call Kernelopen to open a local file. If a Ruby project has a file whose name...

7CVSS7.2AI score0.0148EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2023/12/23 12:0 a.m.36 views

Gitea: Multiple Vulnerabilities

Background Gitea is a painless self-hosted Git service. Description Multiple vulnerabilities have been discovered in Gitea. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at...

4.4CVSS7.6AI score0.00485EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2023/11/26 12:0 a.m.36 views

phpMyAdmin: Multiple Vulnerabilities

Background phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the web. Description Multiple vulnerabilities have been discovered in phpMyAdmin. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers...

7.5CVSS7.4AI score0.07936EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2023/11/26 12:0 a.m.36 views

Open vSwitch: Multiple Vulnerabilities

Background Open vSwitch is a production quality multilayer virtual switch. Description Multiple vulnerabilities have been discovered in Open vSwitch. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There i...

9.8CVSS7.7AI score0.08026EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2023/11/25 12:0 a.m.36 views

AIDE: Root Privilege Escalation

Background AIDE Advanced Intrusion Detection Environment is a file and directory integrity checker. It creates a database from the regular expression rules that it finds from the config files. Once this database is initialized it can be used to verify the integrity of the files. It has several...

7.8CVSS6.9AI score0.00493EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2023/11/25 12:0 a.m.37 views

Apptainer: Privilege Escalation

Background Apptainer is the container system for secure high-performance computing. Description A vulnerability has been discovered in Apptainer. Please review the CVE identifier referenced below for details. Impact There is an ext4 use-after-free flaw that is exploitable in vulnerable versions...

7.8CVSS7AI score0.00369EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2023/10/19 12:0 a.m.36 views

GNU Mailutils: unexpected processsing of escape sequences

Background GNU Mailutils is a collection of mail-related utilities, including an IMAP4 server imap4d and a Mail User Agent mail. Description A vulnerability has been discovered in GNU Mailutils. Please review the CVE identifier referenced below for details. Impact mail1 from mailutils would proce...

8.1CVSS7AI score0.03621EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2023/10/10 12:0 a.m.36 views

less: Denial of service

Background less is a pager and text file viewer. Description less suffered from a flaw in its terminal escape sequence handling which made its filtering incomplete. Impact Malicious input could clear the terminal output or otherwise manipulate it with faked interactions. Workaround There is no...

7.5CVSS6.9AI score0.01412EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2023/09/29 12:0 a.m.36 views

Fish: User-assisted execution of arbitrary code

Background Smart and user-friendly command line shell for macOS, Linux, and the rest of the family. It includes features like syntax highlighting, autosuggest-as-you-type, and fancy tab completions that just work, with no configuration required. Description A vulnerability have been discovered in...

7.8CVSS7.7AI score0.01417EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2023/05/30 12:0 a.m.36 views

Mozilla Firefox: Multiple Vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

8.8CVSS7.5AI score0.00952EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2023/01/11 12:0 a.m.36 views

liblouis: Multiple Vulnerabilities

Background liblouis is an open-source braille translator and back-translator. Description Multiple vulnerabilities have been discovered in liblouis. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is...

7.8CVSS2.5AI score0.01463EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2022/10/31 12:0 a.m.36 views

Expat: Denial of Service

Background Expat is a set of XML parsing libraries. Description In certain out-of-memory situations, Expat may free memory before it should, leading to a use-after-free. Impact A use-after-free can result in denial of service. Workaround There is no known workaround at this time. Resolution All...

7.5CVSS7.9AI score0.02241EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2022/10/31 12:0 a.m.36 views

Shadow: TOCTOU Race

Background Shadow contains utilities to deal with user accounts Description A TOCTOU race condition was discovered in shadow. A local attacker with write privileges in a directory removed or copied by usermod/userdel could potentially exploit this flaw when the administrator invokes...

4.7CVSS4.4AI score0.00308EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2022/10/31 12:0 a.m.36 views

Net-SNMP: Multiple Vulnerabilities

Background Net-SNMP is a suite of applications used to implement the Simple Network Management Protocol. Description Multiple vulnerabilities have been discovered in Net-SNMP. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

8.8CVSS2.8AI score0.01299EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2022/09/29 12:0 a.m.36 views

Mozilla Firefox: Multiple Vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

8.8CVSS3AI score0.01342EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2022/08/04 12:0 a.m.36 views

libmcpp: Denial of service

Background libmcpp is a portable C/C++ preprocessor. Description A buffer overflow and an out-of-bounds read vulnerability have been discovered in libmcpp, which could be exploited for denial of service. Impact An attacker that can provide crafted input to libmcpp could achieve denial of service...

5.5CVSS4.3AI score0.01569EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/12/23 12:0 a.m.36 views

GDK-PixBuf: Denial of service

Background GDK-PixBuf is an image loading library for GTK+. Description It was discovered that the GDK-PixBuf library did not properly handle certain GIF images. Impact A remote attacker could entice a user to open a specially crafted GIF image in an application linked against GDK-PixBuf library,...

5.5CVSS3.2AI score0.01477EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/12/23 12:0 a.m.36 views

PowerDNS Recursor: Denial of service

Background PowerDNS Recursor is a high-end, high-performance resolving name server. Description It was discovered that it was possible to update the DNSSEC validation state to a bogus state for a cached record via DNS ANY query. Impact A remote attacker could send specially crafted DNS queries to...

7.5CVSS4.9AI score0.06465EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/08/25 12:0 a.m.36 views

Shadow: Privilege escalation

Background Shadow is a set of tools to deal with user accounts. Description When Shadow was installed with the PAM use flag, setuid binaries provided by Shadow were not properly restricted. Impact A local attacker could escalate privileges to root. Workaround There is no known workaround at this...

7.8CVSS3.7AI score0.00495EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/07/27 12:0 a.m.36 views

Thin: Privilege escalation

Background Thin is a small and fast Ruby web server. Description It was discovered that Gentoo’s Thin ebuild does not properly handle its temporary runtime directories. This only affects OpenRC systems, as the flaw was exploitable via the init script. Impact A local attacker could cause denial of...

7.2AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/07/26 12:0 a.m.36 views

libexif: Multiple vulnerabilities

Background libexif is a library for parsing, editing and saving Exif metadata from images. Description Multiple vulnerabilities have been discovered in libexif. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

9.1CVSS3.1AI score0.04059EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/07/26 12:0 a.m.36 views

QtNetwork: Denial of service

Background QtNetwork provides a set of APIs for programming applications that use TCP/IP. It is part of the Qt framework. Description A flaw was discovered in QtNetwork’s handling of OpenSSL protocol errors. Impact An attacker could cause a possible Denial of Service condition. Workaround There i...

7.5CVSS7.4AI score0.03012EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/03/25 12:0 a.m.36 views

WeeChat: Multiple vulnerabilities

Background Wee Enhanced Environment for Chat WeeChat is a light and extensible console IRC client. Description Multiple vulnerabilities have been discovered in WeeChat. Please review the CVE identifiers referenced below for details. Impact A remote attacker, by sending a specially crafted IRC...

9.8CVSS3.1AI score0.03684EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/03/25 12:0 a.m.36 views

Xen: Multiple vulnerabilities

Background Xen is a bare-metal hypervisor. Description Multiple vulnerabilities have been discovered in Xen. Please review the referenced CVE identifiers for details. Impact A local attacker could potentially gain privileges on the host system or cause a Denial of Service condition. Workaround...

9.8CVSS4.5AI score0.03133EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/08/15 12:0 a.m.36 views

glibc: Multiple vulnerabilities

Background glibc is a package that contains the GNU C library. Description Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workarou...

7.5CVSS7.5AI score0.05532EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2018/12/30 12:0 a.m.36 views

Rust: Multiple vulnerabilities

Background A systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. Description Multiple vulnerabilities have been discovered in Rust. Please review the CVE identifiers referenced below for details. Impact A remote attacker able to control the val...

9.8CVSS8.7AI score0.02955EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/11/30 12:0 a.m.36 views

PostgreSQL: SQL injection

Background PostgreSQL is an open source object-relational database management system. Description A vulnerability was discovered in PostgreSQL’s pgupgrade and pgdump. Impact An attacker, by enticing a user to process a specially crafted trigger definition, can execute arbitrary SQL statements wit...

9.8CVSS9.2AI score0.0515EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/05/26 12:0 a.m.37 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

9.3CVSS9.7AI score0.20353EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2016/11/15 12:0 a.m.36 views

polkit: Heap-corruption on duplicate IDs

Background polkit is a toolkit for managing policies relating to unprivileged processes communicating with privileged processes. Description A vulnerability was discovered in polkit’s polkitbackendactionpoolinit function due to duplicate action IDs in action descriptions. Impact Local attackers a...

4.6CVSS5.2AI score0.00365EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/07/20 12:0 a.m.36 views

Bugzilla: Multiple vulnerabilities

Background Bugzilla is the bug-tracking system from the Mozilla project. Description Multiple vulnerabilities have been discovered in Bugzilla. Please review the CVE identifiers referenced below for details. Impact Privileged account holders could execute system level commands, and the new user...

6.5CVSS6.9AI score0.02326EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/03/12 12:0 a.m.36 views

QtGui: Multiple vulnerabilities

Background QtGui is the GUI module and platform plugins for the Qt framework Description Multiple buffer overflow vulnerabilities have been discovered in QtGui. It is possible for remote attackers to construct specially crafted BMP, ICO, or GIF images that lead to buffer overflows. After...

6.8CVSS9.7AI score0.08736EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/07/23 12:0 a.m.36 views

e2fsprogs: Arbitrary code execution

Background e2fsprogs is a set of utilities for maintaining the ext2, ext3 and ext4 file systems. Description e2fsprogs has a heap-based buffer overflow in closefs.c in the libext2fs library. Impact A local attacker could execute arbitrary code via a specially crafted block group descriptor...

4.6CVSS9.6AI score0.00596EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/06/22 12:0 a.m.36 views

GnuTLS: Multiple vulnerabilities

Background GnuTLS is an Open Source implementation of the TLS and SSL protocols. Description Multiple vulnerabilities have been discovered in GnuTLS. Please review the CVE identifiers and external references below for details. Impact A context-dependent attacker can cause a denial of service...

7.5CVSS6.6AI score0.03921EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/04/11 12:0 a.m.36 views

sudo: Information disclosure

Background sudo allows a system administrator to give users the ability to run commands as other users. Access to commands may also be granted on a range to hosts. Description sudo does not handle the TZ environment variable properly. Impact A local attacker may be able to read arbitrary files or...

3.3CVSS5.3AI score0.0047EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2015/02/25 12:0 a.m.36 views

grep: Denial of service

Background grep is the GNU regular expression matcher. Description A heap buffer overrun has been fixed in the bmexectrans function in kwset.c. Impact A local user can cause Denial of Service. Workaround There is no known workaround at this time. Resolution All grep users should upgrade to the...

2.1CVSS9.1AI score0.00486EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2015/02/07 12:0 a.m.36 views

nginx: Information disclosure

Background nginx is a robust, small, and high performance HTTP and reverse proxy server. Description An SSL session fixation vulnerability has been found in nginx when multiple servers use the same shared sslsessioncache or sslsessionticketkey. Impact A remote attacker may be able to obtain...

4.3CVSS6.2AI score0.05654EPSS
Exploits0
Total number of security vulnerabilities3816