Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2017/07/08 12:0 a.m.99 views

VLC: Multiple vulnerabilities

Background VLC is a cross-platform media player and streaming server. Description Multiple vulnerabilities have been discovered in VLC. Please review the CVE identifiers referenced below for details. Impact A remote attacker, by enticing a user to open a specially crafted subtitles file, could...

7.8CVSS3.8AI score0.08765EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2022/08/04 12:0 a.m.98 views

Go: Multiple Vulnerabilities

Background Go is an open source programming language that makes it easy to build simple, reliable, and efficient software. Description Multiple vulnerabilities have been discovered in Go. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...

9.8CVSS8.5AI score0.10299EPSS
Exploits12
Gentoo Linux
Gentoo Linux
added 2021/05/26 12:0 a.m.98 views

Firejail: Privilege escalation

Background A SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf. Description It was discovered that a flaw in Firejail’s OverlayFS code allowed restricted programs to escape sandbox. Impac...

7.8CVSS7.6AI score0.00444EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2021/01/26 12:0 a.m.98 views

libvirt: Unintended access to /dev/mapper/control

Background libvirt is a C toolkit for manipulating virtual machines. Description A file descriptor for /dev/mapper/control was insufficiently protected. Impact A local attacker may be able to escalate to root privileges. Workaround There is no known workaround at this time. Resolution All libvirt...

8.8CVSS4AI score0.00416EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/03/16 12:0 a.m.98 views

ProFTPd: Multiple vulnerabilities

Background ProFTPD is an advanced and very configurable FTP server. Description Multiple vulnerabilities have been discovered in ProFTPd. Please review the CVE identifiers referenced below for details. Impact A remote attacker, by interrupting the data transfer channel, could possibly execute...

9CVSS2.8AI score0.19507EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2020/03/15 12:0 a.m.98 views

GStreamer Base Plugins: Heap-based buffer overflow

Background A well-groomed and well-maintained collection of GStreamer plug-ins and elements, spanning the range of possible types of elements one would want to write for GStreamer. Description It was discovered that GStreamer Base Plugins did not correctly handle certain malformed RTSP streams...

8.8CVSS3.3AI score0.05962EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/03/22 12:0 a.m.98 views

collectd: Multiple vulnerabilities

Background collectd is a daemon which collects system and application performance metrics periodically and provides mechanisms to store the values in a variety of ways, for example in RRD files. Description Multiple vulnerabilities have been found in Gentoo’s collectd package. Please review the...

10CVSS8.3AI score0.03997EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/10 12:0 a.m.97 views

Tor: Multiple vulnerabilities

Background Tor is an implementation of second generation Onion Routing, a connection-oriented anonymizing communication service. Description Multiple vulnerabilities have been discovered in Tor. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CV...

7.5CVSS2.8AI score0.02721EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/02/01 12:0 a.m.97 views

Mozilla Firefox: Multiple vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

8.8CVSS3AI score0.01323EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2021/01/22 12:0 a.m.97 views

VirtualBox: Multiple vulnerabilities

Background VirtualBox is a powerful virtualization product from Oracle. Description Multiple vulnerabilities have been discovered in VirtualBox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

8.2CVSS3.4AI score0.00999EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/01/10 12:0 a.m.97 views

ipmitool: Multiple vulnerabilities

Background Utility for controlling IPMI enabled devices. Description Multiple vulnerabilities have been discovered in ipmiool. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process or cause...

8.8CVSS4.4AI score0.0329EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/03/15 12:0 a.m.97 views

libssh: Arbitrary command execution

Background libssh is a multiplatform C library implementing the SSHv2 protocol on client and server side. Description It was discovered that libssh incorrectly handled certain scp commands. Impact A remote attacker could trick a victim into using a specially crafted scp command, possibly resultin...

9.3CVSS3.1AI score0.0316EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/08/09 12:0 a.m.97 views

JasPer: Multiple vulnerabilities

Background JasPer is a software-based implementation of the codec specified in the JPEG-2000 Part-1 standard. Description Multiple vulnerabilities have been discovered in JasPer. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers fo...

7.8CVSS3.2AI score0.04676EPSS
Exploits15
Gentoo Linux
Gentoo Linux
added 2018/11/28 12:0 a.m.97 views

RPM: Multiple vulnerabilities

Background The Red Hat Package Manager RPM is a command line driven package management system capable of installing, uninstalling, verifying, querying, and updating computer software packages. Description Multiple vulnerabilities have been discovered in RPM. Please review the CVE identifiers...

10CVSS8.4AI score0.07669EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/09/24 12:0 a.m.97 views

Mercurial: Multiple vulnerabilities

Background Mercurial is a distributed source control management system. Description Multiple vulnerabilities have been discovered in Mercurial. Please review the referenced CVE identifiers for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the...

10CVSS9.9AI score0.21512EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2017/07/08 12:0 a.m.97 views

RoundCube: Security bypass

Background Free and open source webmail software for the masses, written in PHP. Description Authenticated users can arbitrarily reset passwords due to a problem caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin. Impact Authenticated users can...

8.8CVSS2.2AI score0.03471EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2015/12/30 12:0 a.m.97 views

Mozilla Products: Multiple vulnerabilities

Background Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox and Mozilla Thunderbird. Please review the CVE identifiers referenced below for...

10CVSS7.3AI score0.9986EPSS
Exploits20
Gentoo Linux
Gentoo Linux
added 2012/06/24 12:0 a.m.97 views

Apache HTTP Server: Multiple vulnerabilities

Background Apache HTTP Server is one of the most popular web servers on the Internet. Description Multiple vulnerabilities have been discovered in Apache HTTP Server. Please review the CVE identifiers referenced below for details. Impact A remote attacker might obtain sensitive information, gain...

7.8CVSS7.9AI score0.98945EPSS
Exploits46
Gentoo Linux
Gentoo Linux
added 2022/10/16 12:0 a.m.96 views

Rust: Multiple Vulnerabilities

Background A systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. Description Multiple vulnerabilities have been discovered in Rust. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...

9.8CVSS2.7AI score0.12205EPSS
Exploits12
Gentoo Linux
Gentoo Linux
added 2020/12/07 12:0 a.m.95 views

X.Org X Server: Multiple vulnerabilities

Background The X Window System is a graphical windowing system based on a client/server model. Description Multiple vulnerabilities have been discovered in X.org X Server. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

7.8CVSS4.3AI score0.00629EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/09/06 12:0 a.m.95 views

VLC: Multiple vulnerabilities

Background VLC is a cross-platform media player and streaming server. Description Multiple vulnerabilities have been discovered in VLC. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

9.8CVSS2.9AI score0.036EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2019/08/03 12:0 a.m.95 views

libpng: Multiple vulnerabilities

Background libpng is a standard library used to process PNG Portable Network Graphics images. It is used by several programs, including web browsers and potentially server processes. Description Multiple vulnerabilities have been discovered in libpng. Please review the CVE identifiers referenced...

8.8CVSS3.5AI score0.09393EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2019/04/02 12:0 a.m.95 views

Cairo: Denial of service

Background Cairo is a 2D vector graphics library with cross-device output support. Description Multiple vulnerabilities have been discovered in Cairo. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There ...

7.5CVSS2.7AI score0.03463EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2018/12/21 12:0 a.m.95 views

Go: Multiple vulnerabilities

Background Go is an open source programming language that makes it easy to build simple, reliable, and efficient software. Description Multiple vulnerabilities have been discovered in Go. Please review the CVE identifiers referenced below for details. Impact A remote attacker could cause arbitrar...

8.1CVSS8.4AI score0.66252EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/01/03 12:0 a.m.95 views

Mozilla Firefox, Thunderbird: Multiple vulnerabilities

Background Mozilla Firefox is a cross-platform web browser from Mozilla. The Mozilla Thunderbird mail client is a redesign of the Mozilla Mail component. The goal is to produce a cross-platform stand-alone mail application using XUL XML User Interface Language. Description Multiple vulnerabilitie...

10CVSS3.5AI score0.87598EPSS
Exploits33
Gentoo Linux
Gentoo Linux
added 2021/01/25 12:0 a.m.94 views

Flatpak: Sandbox escape

Background Flatpak is a Linux application sandboxing and distribution framework. Description A bug was discovered in the flatpak-portal service that can allow sandboxed applications to execute arbitrary code on the host system a sandbox escape. Impact A remote attacker could entice a user to open...

8.8CVSS3.9AI score0.0057EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/01/10 12:0 a.m.94 views

Mozilla Firefox: Remote code execution

Background Mozilla Firefox is a popular open-source web browser from the Mozilla project. Description A use-after-free bug was discovered in Mozilla Firefox’s handling of SCTP. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, or cause a Denial of...

8.8CVSS9.5AI score0.01304EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/04/22 12:0 a.m.94 views

SQLite: Remote code execution

Background SQLite is a C library that implements an SQL database engine. Description An integer overflow was discovered in SQLite’s FTS3 extension. Impact A remote attacker could, by executing arbitrary SQL statements against a vulnerable host, execute arbitrary code. Workaround There is no known...

8.1CVSS8.6AI score0.09683EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2018/04/22 12:0 a.m.94 views

tenshi: Privilege escalation

Background A log monitoring program, designed to watch one or more log files for lines matching user defined regular expressions and report on the matches. Description It was discovered that the tenshi ebuild creates a tenshi.pid file after dropping privileges to a non-root account. Impact A loca...

7.8CVSS2.6AI score0.0109EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/02/20 12:0 a.m.94 views

MySQL: Multiple vulnerabilities

Background A fast, multi-threaded, multi-user SQL database server. Description Multiple vulnerabilities have been discovered in MySQL. Please review the referenced CVE identifiers for details. Impact A remote attacker could execute arbitrary code without authentication or cause a partial denial o...

7.8CVSS8.5AI score0.89924EPSS
Exploits8
Gentoo Linux
Gentoo Linux
added 2017/11/10 12:0 a.m.94 views

libxml2: Multiple vulnerabilities

Background libxml2 is the XML eXtended Markup Language C parser and toolkit initially developed for the Gnome project. Description Multiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details. Impact A remote attacker, by enticing a user...

9.8CVSS8.9AI score0.04888EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2017/06/20 12:0 a.m.94 views

mbed TLS: Multiple vulnerabilities

Background mbed TLS previously PolarSSL is an “easy to understand, use, integrate and expand” implementation of the TLS and SSL protocols and the respective cryptographic algorithms and support code required. Description Multiple vulnerabilities have been discovered in mbed TLS. Please review the...

8.1CVSS8AI score0.03629EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2013/10/25 12:0 a.m.94 views

FFmpeg: Multiple vulnerabilities

Background FFmpeg is a complete solution to record, convert and stream audio and video. Description Multiple vulnerabilities have been discovered in FFmpeg. Please review the CVE identifiers and FFmpeg changelogs referenced below for details. Impact A remote attacker could entice a user to open a...

10CVSS9.8AI score0.17038EPSS
Exploits16
Gentoo Linux
Gentoo Linux
added 2007/10/07 12:0 a.m.94 views

PHP: Multiple vulnerabilities

Background PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Description Several vulnerabilities were found in PHP. Mattias Bengtsson and Philip Olausson reported integer overflows in the gdImageCreate and...

7.8CVSS8.9AI score0.13818EPSS
Exploits16
Gentoo Linux
Gentoo Linux
added 2021/01/26 12:0 a.m.93 views

FreeRADIUS: Root privilege escalation

Background FreeRADIUS is a modular, high performance free RADIUS suite. Description It was discovered that Gentoo’s FreeRADIUS systemd unit set permissions on an unsafe directory on start. Impact A local attacker could escalate privileges. Workaround There is no known workaround at this time...

7.2AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/03/16 12:0 a.m.93 views

Mozilla Network Security Service: Multiple vulnerabilities

Background The Mozilla Network Security Service NSS is a library implementing security features like SSL v.2/v.3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME and X.509 certificates. Description Multiple vulnerabilities have been discovered in Mozilla Network Security Service NSS. Please review...

8.8CVSS3.8AI score0.02994EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2018/03/19 12:0 a.m.93 views

Oracle JDK/JRE: Multiple vulnerabilities

Background Java Platform, Standard Edition Java SE lets you develop and deploy Java applications on desktops and servers, as well as in today’s demanding embedded environments. Java offers the rich user interface, performance, versatility, portability, and security that today’s applications...

8.3CVSS8.9AI score0.06905EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/10/22 12:0 a.m.93 views

Kodi: Arbitrary code execution

Background Kodi is a free and open source media-center and entertainment hub previously known as XBMC. Description Kodi is vulnerable due to shipping with an embedded version of UnRAR. Please review the referenced CVE identifier for details. Impact A remote attacker, by enticing a user to process...

10CVSS9.6AI score0.10027EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2023/05/03 12:0 a.m.92 views

Firejail: Local Privilege Escalation

Background A SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf. Description Firejail does not sufficiently validate the user's environment prior to using it as the root user when using th...

7.8CVSS7.5AI score0.00382EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2022/08/21 12:0 a.m.92 views

Vim, gVim: Multiple Vulnerabilities

Background Vim is an efficient, highly configurable improved version of the classic ‘vi’ text editor. gVim is the GUI version of Vim. Description Multiple vulnerabilities have been discovered in Vim and gVim. Please review the CVE identifiers referenced below for details. Impact Please review the...

9.8CVSS8.9AI score0.12272EPSS
Exploits92
Gentoo Linux
Gentoo Linux
added 2021/07/09 12:0 a.m.92 views

Redis: Multiple vulnerabilities

Background Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache and message broker. Description Multiple vulnerabilities have been discovered in Redis. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CV...

8.8CVSS2.1AI score0.04028EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/05/26 12:0 a.m.92 views

Bash: Privilege escalation

Background Bash is the standard GNU Bourne Again SHell. Description It was discovered that Bash incorrectly dropped privileges by setting its effective UID to its real UID. Impact A local attacker could possibly escalate privileges. Workaround There is no known workaround at this time. Resolution...

7.8CVSS7.7AI score0.02608EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2019/11/07 12:0 a.m.92 views

OpenSSL: Multiple vulnerabilities

Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 as well as a general purpose cryptography library. Description Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced...

4.7CVSS2.3AI score0.03838EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/08/03 12:0 a.m.92 views

Binutils: Multiple vulnerabilities

Background The GNU Binutils are a collection of tools to create, modify and analyse binary files. Many of the files use BFD, the Binary File Descriptor library, to do low-level manipulation. Description Multiple vulnerabilities have been discovered in Binutils. Please review the referenced CVE...

9.8CVSS2.9AI score0.0669EPSS
Exploits9
Gentoo Linux
Gentoo Linux
added 2019/04/02 12:0 a.m.92 views

Subversion: Denial of service

Background Subversion is a version control system intended to eventually replace CVS. Like CVS, it has an optional client-server architecture where the server can be an Apache server running modsvn, or an ssh program as in CVS’s :ext: method. In addition to supporting the features found in CVS,...

7.5CVSS7.7AI score0.57822EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/04/04 12:0 a.m.92 views

libxslt: Multiple vulnerabilities

Background libxslt is the XSLT C library developed for the GNOME project. XSLT is an XML language to define transformations for XML. Description Multiple vulnerabilities have been discovered in libxslt. Please review the CVE identifiers referenced below for details. Impact A remote attacker, via ...

9.3CVSS9.1AI score0.04147EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/03/19 12:0 a.m.92 views

JabberD 2.x: Multiple vulnerabilities

Background JabberD 2.x is an open source Jabber server written in C. Description Multiple vulnerabilities have been discovered in Gentoo’s JabberD 2.x ebuild. Please review the referenced CVE identifiers for details. Impact An attacker could possibly escalate privileges by owning system binaries ...

9.8CVSS8.6AI score0.0289EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/03/19 12:0 a.m.92 views

KDE Plasma Workspaces: Multiple vulnerabilities

Background KDE Plasma workspace is a widget based desktop environment designed to be fast and efficient. Description Multiple vulnerabilities have been discovered in KDE Plasma Workspaces. Please review the referenced CVE identifiers for details. Impact An attacker could execute arbitrary command...

7.2CVSS7.1AI score0.02127EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/09/24 12:0 a.m.92 views

Chromium: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Description Multiple vulnerabilities have been discovered in Chromium. Please review the referenced CVE identifiers for details. Impact A remote...

8.8CVSS8.9AI score0.26331EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/01/19 12:0 a.m.92 views

IcedTea: Multiple vulnerabilities

Background IcedTea’s aim is to provide OpenJDK in a form suitable for easy configuration, compilation and distribution with the primary goal of allowing inclusion in GNU/Linux distributions. Description Various OpenJDK attack vectors in IcedTea, such as 2D, Corba, Hotspot, Libraries, and JAXP,...

9.6CVSS8.7AI score0.0669EPSS
Exploits0
Total number of security vulnerabilities3816