Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2005/03/01 12:0 a.m.31 views

phpWebSite: Arbitrary PHP execution and path disclosure

Background phpWebSite provides a complete web site content management system. Description NST discovered that, when submitting an announcement, uploaded files aren't correctly checked for malicious code. They also found out that phpWebSite is vulnerable to a path disclosure. Impact A remote...

7.5CVSS7.2AI score0.021EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2005/01/16 12:0 a.m.31 views

Squid: Multiple vulnerabilities

Background Squid is a full-featured Web proxy cache designed to run on Unix systems. It supports proxying and caching of HTTP, FTP, and other URLs, as well as SSL support, cache hierarchies, transparent caching, access control lists and many other features. Description Squid contains a...

10CVSS7.1AI score0.68776EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2004/11/24 12:0 a.m.31 views

TWiki: Arbitrary command execution

Background TWiki is a Web-based groupware tool based around the concept of wiki pages that can be edited by anybody with a Web browser. Description The TWiki search function, which uses a shell command executed via the Perl backtick operator, does not properly escape shell metacharacters in the...

10CVSS6.9AI score0.61668EPSS
Exploits8
Gentoo Linux
Gentoo Linux
added 2004/11/19 12:0 a.m.31 views

X.Org, XFree86: libXpm vulnerabilities

Background libXpm is a pixmap manipulation library for the X Window System, included in both X.Org and XFree86. Description Several issues were discovered in libXpm, including integer overflows, out-of-bounds memory accesses, insecure path traversal and an endless loop. Impact An attacker could...

10CVSS7.1AI score0.08698EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/11/06 12:0 a.m.31 views

Gallery: Cross-site scripting vulnerability

Background Gallery is a web application written in PHP which is used to organize and publish photo albums. It allows multiple users to build and maintain their own albums. It also supports the mirroring of images on other servers. Description Jim Paris has discovered a cross-site scripting...

6.8CVSS3.3AI score0.01477EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/10/25 12:0 a.m.31 views

MIT krb5: Insecure temporary file use in send-pr.sh

Background MIT krb5 is the free implementation of the Kerberos network authentication protocol written by the Massachusetts Institute of Technology. Description The send-pr.sh script creates temporary files in world-writeable directories with predictable names. Impact A local attacker could creat...

2.1CVSS6.4AI score0.00328EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/10/20 12:0 a.m.31 views

OpenOffice.org: Temporary files disclosure

Background OpenOffice.org is an office productivity suite, including word processing, spreadsheets, presentations, drawings, data charting, formula editing, and file conversion facilities. Description On start-up, OpenOffice.org 1.1.2 creates a temporary directory with insecure permissions. When ...

2.1CVSS6AI score0.00559EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2004/10/18 12:0 a.m.31 views

phpMyAdmin: Vulnerability in MIME-based transformation system

Background phpMyAdmin is a popular web-based MySQL administration tool written in PHP. It allows users to browse and administer a MySQL database from a web-browser. Transformations are a phpMyAdmin feature allowing plug-ins to rewrite the contents of any column seen in phpMyAdmin's Browsing mode,...

7.5CVSS1.7AI score0.02926EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/09/12 12:0 a.m.31 views

Webmin, Usermin: Multiple vulnerabilities in Usermin

Background Webmin and Usermin are web-based system administration consoles. Webmin allows an administrator to easily configure servers and other features. Usermin allows users to configure their own accounts, execute commands, and read e-mail. The Usermin functionality, including webmail, is also...

7.5CVSS7.2AI score0.03608EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2004/09/01 12:0 a.m.31 views

MySQL: Insecure temporary file creation in mysqlhotcopy

Background MySQL is a popular open-source multi-threaded, multi-user SQL database server. Description Jeroen van Wolffelaar discovered that the MySQL database hot copy utility mysqlhotcopy.sh, when using the scp method, uses temporary files with predictable names. A malicious local user with writ...

4.6CVSS6.7AI score0.00515EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/07/12 12:0 a.m.31 views

rsync: Directory traversal in rsync daemon

Background rsync is a utility that provides fast incremental file transfers. It is used to efficiently synchronize files between hosts and is used by emerge to fetch Gentoo's Portage tree. rsyncd is the rsync daemon, which listens to connections from rsync clients. Description When rsyncd is used...

5CVSS6.3AI score0.03404EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/05/18 12:0 a.m.31 views

Pound format string vulnerability

Background Pound is a reverse proxy, load balancer and HTTPS front-end. It allows to distribute the load on several web servers and offers a SSL wrapper for web servers that do not support SSL directly. Description A format string flaw in the processing of syslog messages was discovered and...

7.5CVSS1AI score0.0664EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2004/04/07 12:0 a.m.31 views

ClamAV RAR Archive Remote Denial Of Service Vulnerability

Background From http://www.clamav.net/ : "Clam AntiVirus is a GPL anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for...

2.6CVSS0.9AI score0.01406EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2025/07/22 12:0 a.m.30 views

Roundcube: Multiple Vulnerabilities

Background Free and open source webmail software for the masses, written in PHP. Description Multiple vulnerabilities have been discovered in Roundcube. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround Ther...

9.8CVSS7.6AI score0.42751EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2024/12/08 12:0 a.m.30 views

HashiCorp Consul: Multiple Vulnerabilities

Background HashiCorp Consul is a tool for service discovery, monitoring and configuration. Description Multiple vulnerabilities have been discovered in HashiCorp Consul. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

8.7CVSS8.5AI score0.99999EPSS
Exploits19
Gentoo Linux
Gentoo Linux
added 2024/07/24 12:0 a.m.30 views

ExifTool: Multiple vulnerabilities

Background ExifTool is a platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of files. Description Multiple vulnerabilities have been discovered in ExifTool. Please review the CVE identifiers referenced below for...

7.8CVSS7.3AI score0.99981EPSS
Exploits44
Gentoo Linux
Gentoo Linux
added 2024/07/05 12:0 a.m.30 views

BusyBox: Multiple Vulnerabilities

Background BusyBox is set of tools for embedded systems and is a replacement for GNU Coreutils. Description Multiple vulnerabilities have been discovered in BusyBox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

9.8CVSS7.7AI score0.03379EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2024/05/05 12:0 a.m.30 views

Mozilla Firefox: Multiple Vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

9.8CVSS7.1AI score0.00937EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2024/02/26 12:0 a.m.30 views

GNU Aspell: Heap Buffer Overflow

Background GNU Aspell is a popular spell-checker. Dictionaries are available for many languages. Description Multiple vulnerabilities have been discovered in GNU Aspell. Please review the CVE identifiers referenced below for details. Impact GNU Aspell has a heap-based buffer overflow in...

7.8CVSS7.8AI score0.00549EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/01/17 12:0 a.m.30 views

OpenJDK: Multiple Vulnerabilities

Background OpenJDK is an open source implementation of the Java programming language. Description Multiple vulnerabilities have been discovered in OpenJDK. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround...

9.8CVSS7.6AI score0.17673EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2024/01/15 12:0 a.m.30 views

KTextEditor: Arbitrary Local Code Execution

Background Framework providing a full text editor component for KDE. Description A vulnerability has been discovered in KTextEditor. Please review the CVE identifiers referenced below for details. Impact KTextEditor executes binaries without user interaction in a few cases, e.g. KTextEditor will...

7.8CVSS7.2AI score0.00894EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/01/10 12:0 a.m.30 views

FAAD2: Multiple Vulnerabilities

Background FAAD2 is an open source MPEG-4 and MPEG-2 AAC decoder. Description Multiple vulnerabilities have been discovered in FAAD2. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

6.5CVSS7.7AI score0.00898EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2024/01/07 12:0 a.m.30 views

Eclipse Mosquitto: Multiple Vulnerabilities

Background Eclipse Mosquitto is an open source MQTT v3 broker. Description Multiple vulnerabilities have been discovered in Eclipse Mosquitto. Please review the CVE identifier referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no kno...

7.5CVSS7.4AI score0.01107EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2023/09/29 12:0 a.m.30 views

GMP: Buffer Overflow Vulnerability

Background The GNU Multiple Precision Arithmetic Library is a library forarbitrary-precision arithmetic on different types of numbers. Description There is an integer overflow leading to a buffer overflow when processing untrusted input via GMP's mpzinpraw function. Impact Untrusted input can cau...

7.5CVSS7.3AI score0.03425EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2023/05/30 12:0 a.m.30 views

Mozilla Thunderbird: Multiple Vulnerabilities

Background Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

8.8CVSS7.4AI score0.01185EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2023/05/03 12:0 a.m.30 views

ISC DHCP: Multiple Vulnerabilities

Background ISC DHCP is ISC's reference implementation of all aspects of the Dynamic Host Configuration Protocol. Description Multiple vulnerabilities have been discovered in ISC DHCP. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifie...

7.4CVSS8AI score0.06118EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2023/05/03 12:0 a.m.30 views

AtomicParsley: Multiple Vulnerabilities

Background AtomicParsley is a command line program for manipulating iTunes-style metadata in MPEG4 files. Description Multiple vulnerabilities have been discovered in AtomicParsley. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers...

9.8CVSS9.6AI score0.02155EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2021/04/30 12:0 a.m.30 views

ClamAV: Denial of service

Background ClamAV is a GPL virus scanner. Description A vulnerability has been discovered in ClamAV. Please review the CVE identifier referenced below for details. Impact A remote attacker could cause ClamAV to scan a specially crafted file, possibly resulting a Denial of Service condition...

7.5CVSS3.8AI score0.03155EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/04/30 12:0 a.m.30 views

X.Org X Server: Privilege escalation

Background The X Window System is a graphical windowing system based on a client/server model. Description It was discovered that X.Org X Server did not sufficiently check the length of the XInput extension’s ChangeFeedbackControl request. Impact An authorized attacker could possibly escalate...

7.8CVSS7.9AI score0.0105EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/08/27 12:0 a.m.30 views

X.Org X11 library: Multiple vulnerabilities

Background X.Org is an implementation of the X Window System. The X.Org X11 library provides the X11 protocol library files. Description Multiple vulnerabilities have been discovered in X.org X11 library. Please review the CVE identifiers referenced below for details. Impact Please review the...

7.8CVSS3.3AI score0.00575EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2018/04/17 12:0 a.m.30 views

GDK-PixBuf: Remote code execution

Background GDK-PixBuf is an image loading library for GTK+. Description Several integer overflows were discovered in GDK-PixBuf’s gifgetlzw function. Impact A remote attacker, by enticing a user to process a specially crafted image file, could execute arbitrary code or cause a Denial of Service...

8.8CVSS8.4AI score0.02021EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/04/08 12:0 a.m.30 views

mailx: Multiple vulnerabilities

Background A utility program for sending and receiving mail, also known as a Mail User Agent program. Description Multiple vulnerabilities have been discovered in mailx. Please review the CVE identifiers referenced below for details. Impact A remote attacker could execute arbitrary commands...

7.8CVSS8.5AI score0.06858EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2018/01/07 12:0 a.m.30 views

MiniUPnPc: Arbitrary code execution

Background The client library, enabling applications to access the services provided by an UPnP “Internet Gateway Device” present on the network. Description An exploitable buffer overflow vulnerability exists in the XML parser functionality of the MiniUPnP library. Impact A remote attacker, by...

6.8CVSS7.3AI score0.04783EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2018/01/07 12:0 a.m.30 views

OptiPNG: Multiple vulnerabilities

Background OptiPNG is a PNG optimizer that re-compresses image files to a smaller size, without losing any information. Description Multiple vulnerabilities have been discovered in OptiPNG. Please review the referenced CVE identifiers for details. Impact A remote attacker could entice a user to...

7.8CVSS8.3AI score0.01968EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2017/06/06 12:0 a.m.30 views

ImageWorsener: Multiple vulnerabilities

Background ImageWorsener is a cross-platform command-line utility and library for image scaling and other image processing. Description Multiple vulnerabilities have been discovered in ImageWorsener. Please review the CVE identifiers referenced below for details. Impact A remote attacker could...

8.8CVSS3.6AI score0.02569EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2017/02/10 12:0 a.m.30 views

Graphviz: Multiple vulnerabilities

Background Graphviz is an open source graph visualization software. Description Multiple vulnerabilities in Graphviz were discovered. Please review the CVE identifiers referenced below for details. Impact A remote attacker, able to control input matched against a regular expression or by enticing...

10CVSS7.7AI score0.06082EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2017/02/06 12:0 a.m.30 views

RTMPDump: Multiple vulnerabilities

Background RTMPDump is an RTMP client intended to stream audio or video flash content Description Multiple vulnerabilities have been discovered in RTMPDump. The following is a list of vulnerabilities fixed: Additional decode input size checks Ignore zero-length packets Potential integer overflow ...

8.5AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/01/01 12:0 a.m.30 views

Xdg-Utils: Command injection

Background Xdg-Utils is a set of tools allowing all applications to easily integrate with the Free Desktop configuration. Description An eval injection vulnerability was discovered in Xdg-Utils. Impact A context-dependent attacker could execute arbitrary code via the URL argument to xdg-open...

6.8CVSS9.2AI score0.03256EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2016/12/13 12:0 a.m.30 views

Zabbix: Multiple vulnerabilities

Background Zabbix is software for monitoring applications, networks, and servers. Description Multiple vulnerabilities have been discovered in Zabbix. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges...

8.1CVSS3.8AI score0.21141EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2016/12/13 12:0 a.m.30 views

Pixman: Buffer overflow

Background Pixman is a pixel manipulation library. Description In pixman-general, careless computations done with the ‘destbuffer’ pointer may overflow, failing the buffer upper limit check. Impact A remote attacker could possibly cause a Denial of Service condition, or execute arbitrary code wit...

8.4AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/04/26 12:0 a.m.30 views

libksba: Multiple vulnerabilities

Background Libksba is a X.509 and CMS PKCS7 library. Description libksba is vulnerable to two integer overflows and a Denial of Service vulnerability. Please read the references for additional details. Impact Remote attackers could cause Denial of Service or unspecified other vectors through...

4.8AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/03/14 12:0 a.m.30 views

hivex: User-assisted execution of arbitrary code

Background hivex is a library for reading and writing Windows Registry ‘hive’ binary files. Description Manipulating a short or truncated hive file may trigger an out-of-bounds read or write in hivex. Impact A context-dependent attacker could cause an application linked against hivex to pass a...

4.6CVSS6AI score0.00625EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/12/26 12:0 a.m.30 views

Icecast: Multiple Vulnerabilities

Background Icecast is an open source alternative to SHOUTcast that supports MP3, OGG Vorbis/Theora and AAC streaming. Description Two vulnerabilities have been discovered in Icecast: Icecast does not properly handle shared file descriptors CVE-2014-9018 Supplementary group privileges are not...

5CVSS6.8AI score0.02965EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2014/12/13 12:0 a.m.30 views

FreeRDP: User-assisted execution of arbitrary code

Background FreeRDP is a free implementation of the remote desktop protocol. Description FreeRDP does not properly validate user-supplied input, which could lead to an integer overflow in the xfPointerNew function. Impact A remote attacker could execute arbitrary code with the privileges of the...

7.5CVSS8.7AI score0.0367EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/11/23 12:0 a.m.30 views

Openswan: Denial of service

Background Openswan is an implementation of IPsec for Linux. Description A NULL pointer dereference has been found in Openswan. Impact A remote attacker could create a Denial of Service condition. Workaround There is no known workaround at this time. Resolution Gentoo has discontinued support for...

5CVSS6.4AI score0.02664EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/11/16 12:0 a.m.30 views

GNU Wget: Arbitrary code execution

Background GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the most widely-used Internet protocols. Description An absolute path traversal vulnerability has been found in GNU Wget. Impact A remote FTP server is able to write to arbitrary files, and consequently...

9.3CVSS7.6AI score0.39883EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2014/11/05 12:0 a.m.30 views

TigerVNC: User-assisted execution of arbitrary code

Background TigerVNC is a high-performance VNC server/client. Description Two boundary errors in TigerVNC could lead to a heap-based buffer overflow. Impact A remote attacker could entice a user to connect to a malicious VNC server using TigerVNC, possibly resulting in execution of arbitrary code...

9.8CVSS9.5AI score0.02494EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/08/26 12:0 a.m.30 views

file: Denial of service

Background file is a utility that guesses a file format by scanning binary data for patterns. Description BEGIN regular expression in the awk script detector in magic/Magdir/commands uses multiple wildcards with unlimited repetitions. Impact A context-dependent attacker could entice a user to ope...

5CVSS7.6AI score0.0304EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/02/21 12:0 a.m.30 views

TCPTrack: Arbitrary code execution

Background TCPTrack is a simple libpcap based program for live TCP connection monitoring. Description A heap-based buffer overflow vulnerability exists in TCPTrack’s parsing of command line arguments. This is only a vulnerability in limited scenarios in which TCPTrack is “configured as a handler...

6.8CVSS7.8AI score0.02333EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/02/20 12:0 a.m.30 views

GNU Midnight Commander: User-assisted execution of arbitrary code

Background GNU Midnight Commander is a text based file manager. Description GNU Midnight Commander does not properly sanitize environment variables. Impact A remote attacker could entice a user to open a specially crafted archive file using GNU Midnight Commander, possibly resulting in execution ...

5.1CVSS7AI score0.01867EPSS
Exploits0
Total number of security vulnerabilities3816