Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2004/12/30 12:0 a.m.29 views

PHProjekt: Remote code execution vulnerability

Background PHProjekt is a modular groupware web application used to coordinate group activities and share files. Description cYon discovered that the authform.inc.php script allows a remote user to define the global variable $pathpre. Impact A remote attacker can exploit this vulnerability to for...

4.1AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/12/21 12:0 a.m.29 views

Zwiki: XSS vulnerability

Background Zwiki is a Zope wiki-clone for easy-to-edit collaborative websites. Description Due to improper input validation, Zwiki can be exploited to perform cross-site scripting attacks. Impact By enticing a user to read a specially-crafted wiki entry, an attacker can execute arbitrary script...

6.8CVSS3.6AI score0.04945EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2004/11/08 12:0 a.m.29 views

OpenSSL, Groff: Insecure tempfile handling

Background OpenSSL is a toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols as well as a general-purpose cryptography library. It includes the derchop script, which is used to convert DER-encoded certificates to PEM format. Groff GNU Troff is a typesetting package...

2.1CVSS6AI score0.00415EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/11/06 12:0 a.m.29 views

ImageMagick: EXIF buffer overflow

Background ImageMagick is a collection of tools to read, write and manipulate images in many formats. Description ImageMagick fails to do proper bounds checking when handling image files with EXIF information. Impact An attacker could use an image file with specially-crafted EXIF information to...

10CVSS7AI score0.05843EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/11/02 12:0 a.m.29 views

libxml2: Remotely exploitable buffer overflow

Background libxml2 is an XML parsing library written in C. Description Multiple buffer overflows have been detected in the nanoftp and nanohttp modules. These modules are responsible for parsing URLs with ftp information, and resolving names via DNS. Impact An attacker could exploit an applicatio...

10CVSS7AI score0.21686EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2004/10/27 12:0 a.m.29 views

rssh: Format string vulnerability

Background rssh is a restricted shell, allowing only a few commands like scp or sftp. It is often used as a complement to OpenSSH to provide limited access to users. Description Florian Schilhabel from the Gentoo Linux Security Audit Team found a format string vulnerability in rssh syslogging of...

9CVSS1.7AI score0.04702EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/10/09 12:0 a.m.29 views

ed: Insecure temporary file handling

Background ed is a line-oriented text editor, used to create or modify text files, both interactively and via shell scripts. Description ed insecurely creates temporary files in world-writeable directories with predictable names. Given that ed is used in various system shell scripts, they are by...

4.6CVSS6.2AI score0.00392EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/09/14 12:0 a.m.29 views

SUS: Local root vulnerability

Background SUS is a utility that allows regular users to be able to execute certain commands as root. Description Leon Juranic found a bug in the logging functionality of SUS that can lead to local privilege escalation. A format string vulnerability exists in the log function due to an incorrect...

7.2CVSS3.5AI score0.0062EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2004/08/05 12:0 a.m.29 views

Opera: Multiple new vulnerabilities

Background Opera is a multi-platform web browser. Description Multiple vulnerabilities have been found in the Opera web browser. Opera fails to deny write access to the "location" browser object. An attacker can overwrite methods in this object and gain script access to any page that uses one of...

5CVSS1.7AI score0.02989EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2004/05/23 12:0 a.m.29 views

Buffer Overflow in Firebird

Background Firebird is an open source relational database that runs on Linux, Windows, and various UNIX systems. Description A buffer overflow exists in three Firebird binaries gdsinetserver, gdslockmgr, and gdsdrop that is exploitable by setting a large value to the INTERBASE environment variabl...

4.6CVSS7AI score0.01012EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/05/20 12:0 a.m.29 views

cadaver heap-based buffer overflow

Background cadaver is a command-line WebDAV client. Description Stefan Esser discovered a vulnerability in the code of the neon library see GLSA 200405-13. This library is also included in cadaver. Impact When connected to a malicious WebDAV server, this vulnerability could allow remote execution...

7.5CVSS7AI score0.05015EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/05/11 12:0 a.m.29 views

ClamAV VirusEvent parameter vulnerability

Background From http://www.clamav.net/ : "Clam AntiVirus is a GPL anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for...

4.6CVSS1.3AI score0.00585EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2004/04/26 12:0 a.m.29 views

Multiple Vulnerabilities in ssmtp

Background SSMTP is a very simple mail transfer agent MTA that relays mail from the local machine to another SMTP host. It is not designed to function as a full mail server; its sole purpose is to relay mail. Description There are two format string vulnerabilities inside the logevent and die...

5CVSS7.2AI score0.03504EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/09/22 12:0 a.m.28 views

Rust: Multiple Vulnerabilities

Background A systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. Description Multiple vulnerabilities have been discovered in Rust. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...

7.9CVSS7.7AI score0.00763EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/08/07 12:0 a.m.28 views

aiohttp: Multiple Vulnerabilities

Background aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Description Multiple vulnerabilities have been discovered in aiohttp. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

7.5CVSS7.7AI score0.01085EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2024/07/10 12:0 a.m.28 views

Buildah: Multiple Vulnerabilities

Background Buildah is a tool that facilitates building Open Container Initiative OCI container images Description Please review the referenced CVE identifiers for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...

10CVSS7.3AI score0.02983EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/07/09 12:0 a.m.28 views

LIVE555 Media Server: Multiple Vulnerabilities

Background LIVE555 Media Server is a set of libraries for multimedia streaming. Description Multiple vulnerabilities have been discovered in LIVE555 Media Server. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

9.8CVSS7.3AI score0.01612EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2024/05/12 12:0 a.m.28 views

Mozilla Thunderbird: Multiple Vulnerabilities

Background Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

8.8CVSS7.6AI score0.00937EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2024/05/08 12:0 a.m.28 views

Epiphany: Buffer Overflow

Background Epiphany is a GNOME webbrowser based on the Mozilla rendering engine Gecko. Description A vulnerability has been discovered in Epiphany. Please review the CVE identifier referenced below for details. Impact In GNOME Epiphany an HTML document can trigger a client buffer overflow in...

7.5CVSS7.5AI score0.01952EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/05/04 12:0 a.m.28 views

systemd: Multiple Vulnerabilities

Background A system and service manager. Description Multiple vulnerabilities have been discovered in systemd. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...

5.5CVSS10AI score0.00867EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2024/02/21 12:0 a.m.28 views

LibreOffice: Multiple Vulnerabilities

Background LibreOffice is a powerful office suite; its clean interface and powerful tools let you unleash your creativity and grow your productivity. Description Multiple vulnerabilities have been discovered in LibreOffice. Please review the CVE identifiers referenced below for details. Impact...

8.8CVSS7.6AI score0.01017EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/02/19 12:0 a.m.28 views

Mozilla Thunderbird: Multiple Vulnerabilities

Background Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

9.8CVSS10AI score0.20472EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2024/02/18 12:0 a.m.28 views

GNU Tar: Out of Bounds Read

Background The GNU Tar program provides the ability to create tar archives, as well as various other kinds of manipulation. Description A vulnerability have been discovered in GNU Tar. Please review the CVE identifier referenced below for details. Impact GNU Tar has a one-byte out-of-bounds read...

5.5CVSS6.9AI score0.04524EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2024/01/31 12:0 a.m.28 views

libaom: Multiple Vulnerabilities

Background libaom is the Alliance for Open Media's AV1 Codec SDK. Description Multiple vulnerabilities have been discovered in libaom. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

9.8CVSS7.7AI score0.02216EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2024/01/24 12:0 a.m.28 views

GOCR: Multiple Vulnerabilities

Background GOCR is an OCR Optical Character Recognition program, developed under the GNU Public License. It converts scanned images of text back to text files. Description Multiple vulnerabilities have been discovered in GOCR. Please review the CVE identifiers referenced below for details. Impact...

7.8CVSS7.2AI score0.01141EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2023/10/30 12:0 a.m.28 views

rxvt-unicode: Arbitrary Code Execution

Background rxvt-unicode is a clone of the well known terminal emulator rxvt. Description A vulnerability has been discovered in rxvt-unicode. Please review the CVE identifiers referenced below for details. Impact in the Perl background extension, when an attacker can control the data written to t...

9.8CVSS6.6AI score0.02058EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2023/09/17 12:0 a.m.28 views

Wireshark: Multiple Vulnerabilities

Background Wireshark is a versatile network protocol analyzer. Description Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

7.5CVSS7.4AI score0.0462EPSS
Exploits14
Gentoo Linux
Gentoo Linux
added 2023/01/11 12:0 a.m.28 views

Alpine: Multiple Vulnerabilities

Background Alpine is an easy to use text-based based mail and news client. Description Multiple vulnerabilities have been discovered in Alpine. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

5.9CVSS2.6AI score0.01565EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2022/11/22 12:0 a.m.28 views

Mozilla Thunderbird: Multiple Vulnerabilities

Background Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

9.8CVSS2.7AI score0.01061EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2022/08/10 12:0 a.m.28 views

Motion: Denial of service

Background Motion is a program that monitors the video signal from one or more cameras and is able to detect motions. Description The Motion HTTP server does not correctly perform URL decoding. If the HTTP server receives a request for a URL containing an incomplete percent-encoded character, a...

7.5CVSS1.9AI score0.04431EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/07/26 12:0 a.m.28 views

HylaFAX: Multiple vulnerabilities

Background HylaFAX is an enterprise-class system for sending and receiving facsimile messages and for sending alpha-numeric pages. Description Multiple vulnerabilities have been discovered in HylaFAX. Please review the CVE identifiers referenced below for details. Impact Please review the...

7.8CVSS2.1AI score0.00538EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2019/08/15 12:0 a.m.28 views

ZNC: Privilege escalation

Background ZNC is an advanced IRC bouncer. Description It was discovered that ZNC’s “Modules.cpp” allows remote authenticated non-admin users to escalate privileges. Impact A remote authenticated attacker could escalate privileges and subsequently execute arbitrary code or conduct a Denial of...

8.8CVSS9AI score0.04127EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/06/22 12:0 a.m.28 views

libksba: Denial of Service and information disclosure

Background Libksba is a X.509 and CMS PKCS7 library. Description It was found that an unproportionate amount of memory is allocated when parsing crafted certificates in libskba, which may lead to Denial of Service condition. Moreover in libksba 1.3.4, allocated memory is uninitialized and could...

7.5CVSS3.2AI score0.03205EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/06/22 12:0 a.m.28 views

Urban Terror: Multiple vulnerabilities

Background Urban Terror is a free multiplayer first person shooter developed by FrozenSand, that will run on any Quake III Arena compatible engine. Description Multiple vulnerabilities have been discovered in Urban Terror. Please review the CVE identifiers referenced below for details. Impact A...

10CVSS7.3AI score0.0869EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2017/01/01 12:0 a.m.28 views

e2fsprogs: Heap-based buffer overflow

Background e2fsprogs is a set of utilities for maintaining the ext2, ext3 and ext4 file systems. Description A heap-based buffer overflow was discovered in openfs.c in the libext2fs library in e2fsprogs. Impact A remote attacker could entice a user to use ext2fs library for example, fsck on a...

4.6CVSS9.7AI score0.00897EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/07/20 12:0 a.m.28 views

Varnish: Multiple vulnerabilities

Background Varnish is a web application accelerator. Description Varnish fails to properly validate input from HTTP headers, and does not deny requests with multiple Content-Length headers. Impact Remote attackers could conduct an HTTP response splitting attack, which may further enable them to...

7.5CVSS7.3AI score0.03524EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/05/30 12:0 a.m.28 views

rsync: Multiple vulnerabilities

Background File transfer program to keep remote files into sync. Description Multiple vulnerabilities have been discovered in rsync. Please review the CVE identifiers referenced below for details. Impact Remote attackers could write arbitrary files via symlink attacks. Workaround There is no know...

6.4CVSS9.3AI score0.06499EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2015/02/06 12:0 a.m.28 views

mpg123: User-assisted execution of arbitrary code

Background mpg123 is a realtime MPEG 1.0/2.0/2.5 audio player for layers 1, 2 and 3. Description An issue has been found in mpg123 when decoding specifically crafted MP3 file, that causes a heap-based buffer overflow. Impact A remote attacker could entice a user to open a specially crafted MPEG...

7.5CVSS7.8AI score0.02291EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/11/16 12:0 a.m.28 views

GNU Wget: Arbitrary code execution

Background GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the most widely-used Internet protocols. Description An absolute path traversal vulnerability has been found in GNU Wget. Impact A remote FTP server is able to write to arbitrary files, and consequently...

9.3CVSS7.6AI score0.39883EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2014/06/25 12:0 a.m.28 views

DenyHosts: Denial of service

Background DenyHosts is a script intended to be run by Linux system administrators to help thwart SSH server attacks. Description DenyHosts does not properly define the regular expressions used when parsing SSH authentication logs. Impact A remote attacker could possibly cause a Denial of Service...

5CVSS6.4AI score0.08896EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/06/05 12:0 a.m.28 views

Mutt: Arbitrary code execution

Background Mutt is a small but powerful text-based mail client. Description A heap-based buffer overflow has been discovered in the muttcopyhdr function. Impact A remote attacker could send a specially crafted message, possibly resulting in execution of arbitrary code with the privileges of the...

5CVSS7.4AI score0.05155EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/05/18 12:0 a.m.28 views

Charybdis, ShadowIRCd: Denial of service

Background Charybdis is the Atheme Project’s IRC daemon based on ratbox. ShadowIRCd is an IRC daemon based on Charybdis that adds several useful features. Description A vulnerability has been discovered in Charybdis and ShadowIRCd. Please review the CVE identifier referenced below for details...

5CVSS6.4AI score0.03049EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2014/03/13 12:0 a.m.28 views

QtCore: Denial of service

Background The Qt toolkit is a comprehensive C++ application development framework. Description A vulnerability in QXmlSimpleReader’s XML entity parsing has been discovered. Impact A remote attacker could entice a user to open a specially crafted XML file using an application linked against QtCor...

5CVSS6.4AI score0.03105EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/02/28 12:0 a.m.28 views

Chrony: Multiple vulnerabilities

Background Chrony is a pair of programs which are used to maintain the accuracy of the system clock on a computer. Description Multiple vulnerabilities have been discovered in Chrony. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly cause a...

5CVSS8AI score0.03271EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/02/26 12:0 a.m.28 views

pidgin-knotify: Arbitrary code execution

Background pidgin-knotify is a Pidgin plug-in to display message notifications in KDE. Description pidgin-knotify does not properly sanitize shell metacharacters from received messages. Impact A remote attacker could send a specially crafted instant message, possibly resulting in execution of...

5.1CVSS7.1AI score0.01518EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/02/21 12:0 a.m.28 views

libXfont: Multiple vulnerabilities

Background libXfont is an X11 font rasterisation library. Description Multiple vulnerabilities have been discovered in libXfont. Please review the CVE identifiers referenced below for details. Impact A local attacker could use a specially crafted file to gain privileges or cause a Denial of Servi...

9.3CVSS8.1AI score0.10254EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/02/10 12:0 a.m.28 views

International Components for Unicode: Denial of service

Background International Components for Unicode is a set of C/C++ and Java libraries providing Unicode and Globalization support for software applications. Description Multiple vulnerabilities have been discovered in International Components for Unicode. Please review the CVE identifiers referenc...

7.5CVSS6.9AI score0.02531EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/02/05 12:0 a.m.28 views

Banshee: Arbitrary code execution

Background Banshee is a multimedia management and playback application for GNOME. Description Banshee places a zero-length directory name in PATH, which allows libraries to be loaded from the working directory. Impact A local attacker could put specially crafted library into working directory of...

6.9CVSS6.8AI score0.00422EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/01/20 12:0 a.m.28 views

GNUstep Base library: Multiple vulnerabilities

Background GNUstep Base library is a free software package implementing the API of the OpenStep Foundation Kit tm, including later additions. Description Multiple vulnerabilities have been discovered in GNUstep Base library. Please review the CVE identifiers referenced below for details. Impact A...

7.2CVSS7.1AI score0.00862EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2014/01/05 12:0 a.m.28 views

Libgdiplus: Arbitrary code execution

Background Libgdiplus is the Mono library that provide a GDI+ comptible API on non-Windows operating systems. Description An integer overflow flaw has been discovered in Libgdiplus. Impact A remote attacker could entice a user to open a specially-crafted TIFF/JPEG/BMP file, potentially resulting ...

6.8CVSS7.1AI score0.01914EPSS
Exploits0
Total number of security vulnerabilities3816