Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2020/09/13 12:0 a.m.91 views

GNOME Shell: Information disclosure

Background GNOME Shell provides core user interface functions for the GNOME 3 desktop, like switching to windows and launching applications. Description It was discovered that GNOME Shell incorrectly handled the login screen password dialog. Impact Please review the referenced CVE identifiers for...

4.3CVSS1.2AI score0.00553EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/05/14 12:0 a.m.91 views

LIVE555 Media Server: Multiple vulnerabilities

Background LIVE555 Media Server is a set of libraries for multimedia streaming. Description Multiple vulnerabilities have been discovered in LIVE555 Media Server. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

10CVSS3.6AI score0.09487EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2019/11/25 12:0 a.m.91 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact Please review th...

10CVSS3AI score0.06054EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/04/04 12:0 a.m.91 views

libxslt: Multiple vulnerabilities

Background libxslt is the XSLT C library developed for the GNOME project. XSLT is an XML language to define transformations for XML. Description Multiple vulnerabilities have been discovered in libxslt. Please review the CVE identifiers referenced below for details. Impact A remote attacker, via ...

9.3CVSS9.1AI score0.04147EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2016/12/07 12:0 a.m.91 views

OpenSSL: Multiple vulnerabilities

Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 as well as a general purpose cryptography library. Description Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers and the...

10CVSS8AI score0.95707EPSS
Exploits15
Gentoo Linux
Gentoo Linux
added 2021/07/20 12:0 a.m.90 views

RPM: Multiple vulnerabilities

Background The Red Hat Package Manager RPM is a command line driven package management system capable of installing, uninstalling, verifying, querying, and updating computer software packages. Description Multiple vulnerabilities have been discovered in RPM. Please review the CVE identifiers...

7CVSS2.5AI score0.01706EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/01/29 12:0 a.m.90 views

ImageMagick: Command injection

Background A collection of tools and libraries for many image formats. Description A flaw in ImageMagick’s handling of password protected PDFs was discovered. Impact A remote attacker could entice a user to open a specially crafted PDF using ImageMagick possibly resulting in execution of arbitrar...

7.8CVSS8.2AI score0.07508EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2021/01/10 12:0 a.m.90 views

Firejail: Multiple vulnerabilities

Background A SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf. Description Multiple vulnerabilities have been discovered in Firejail. Please review the CVE identifiers referenced below f...

9.8CVSS1.8AI score0.04098EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/03/30 12:0 a.m.90 views

QEMU: Multiple vulnerabilities

Background QEMU is a generic and open source machine emulator and virtualizer. Description Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details. Impact An attacker could possibly execute arbitrary code with the privileges of the...

7.8CVSS3.9AI score0.02486EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/04/02 12:0 a.m.90 views

Poppler: Multiple vulnerabilities

Background Poppler is a PDF rendering library based on the xpdf-3.0 code base. Description Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is...

6.5CVSS2.6AI score0.0274EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2018/12/02 12:0 a.m.90 views

PHP: Multiple vulnerabilities

Background PHP is an open source general-purpose scripting language that is especially suited for web development. Description Multiple vulnerabilities have been discovered in PHP. Please review the referenced CVE identifiers for details. Impact An attacker could cause a Denial of Service conditi...

8.8CVSS2.5AI score0.10433EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2017/10/29 12:0 a.m.90 views

Apache: Multiple vulnerabilities

Background The Apache HTTP server is one of the most popular web servers on the Internet. Description Multiple vulnerabilities have been discovered in Apache. Please review the referenced CVE identifiers for details. Impact The Optionsbleed vulnerability can leak arbitrary memory from the server...

9.8CVSS9.6AI score0.94999EPSS
Exploits13
Gentoo Linux
Gentoo Linux
added 2017/10/23 12:0 a.m.90 views

Chromium, Google Chrome: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices Description Multiple vulnerabilities have been discovered in Chromium and...

8.8CVSS8.9AI score0.05245EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2017/08/21 12:0 a.m.90 views

RAR and UnRAR: User-assisted execution of arbitrary code

Background RAR and UnRAR provide command line interfaces for compressing and decompressing RAR files. Description A VMSFDELTA memory corruption was discovered in which an integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the “DestPos” variable which allows...

10CVSS9.5AI score0.10027EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2009/08/18 12:0 a.m.90 views

ISC DHCP: dhcpd Denial of service

Background ISC DHCP is the reference implementation of the Dynamic Host Configuration Protocol as specified in RFC 2131. Description Christoph Biedl discovered that dhcpd does not properly handle certain DHCP requests when configured both using "dhcp-client-identifier" and "hardware ethernet"...

5CVSS6.4AI score0.08566EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2019/09/06 12:0 a.m.89 views

Pango: Buffer overflow

Background Pango is a library for layout and rendering of internationalized text. Description A buffer overflow has been discovered in Pango’s pangolog2visgetembeddinglevels function. Impact A remote attacker could entice a user to process a specially crafted string with functions like...

9.8CVSS10AI score0.06274EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2019/04/02 12:0 a.m.89 views

Unbound: Multiple vulnerabilities

Background Unbound is a validating, recursive, and caching DNS resolver. Description Multiple vulnerabilities have been discovered in Unbound. Please review the referenced bugs for details. Impact Please review the referenced bugs for details. Workaround There is no known workaround at this time...

2.3AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/12/15 12:0 a.m.89 views

SpamAssassin: Multiple vulnerabilities

Background SpamAssassin is an extensible email filter used to identify junk email. Description Multiple vulnerabilities have been discovered in SpamAssassin. Please review the referenced CVE identifiers for details. Impact A remote attacker could execute arbitrary code, escalate privileges, or...

9.8CVSS3.8AI score0.1082EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/07/10 12:0 a.m.89 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

10CVSS7.7AI score0.9994EPSS
Exploits10
Gentoo Linux
Gentoo Linux
added 2004/07/29 12:0 a.m.89 views

Samba: Multiple buffer overflows

Background Samba is a package which allows nix systems to act as file servers for Windows computers. It also allows nix systems to mount shares exported by a Samba/CIFS/Windows server. The Samba Web Administration Tool SWAT is a web-based configuration tool part of the Samba package. Description...

10CVSS7.7AI score0.29441EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2021/01/25 12:0 a.m.88 views

OpenJDK: Multiple vulnerabilities

Background OpenJDK is a free and open-source implementation of the Java Platform, Standard Edition. Description Multiple vulnerabilities have been discovered in OpenJDK. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

8.1CVSS2.4AI score0.04903EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/04/10 12:0 a.m.88 views

QEMU: Multiple vulnerabilities

Background QEMU is a generic and open source machine emulator and virtualizer. Description Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details. Impact Remote server can cause a crash in the client causing execution of arbitrary cod...

9.9CVSS8.9AI score0.03918EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2017/01/19 12:0 a.m.88 views

cURL: Multiple vulnerabilities

Background cURL is a tool and libcurl is a library for transferring data with URL syntax. Description Multiple vulnerabilities have been discovered in cURL. Please review the CVE identifiers and bug reports referenced for details. Impact Remote attackers could conduct a Man-in-the-Middle attack t...

9.8CVSS8.5AI score0.15063EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2006/02/15 12:0 a.m.88 views

Sun JDK/JRE: Applet privilege escalation

Background Sun's JDK and JRE provide interpreters for Java Applets in a sandboxed environment. These implementations provide the Java Web Start technology that can be used for easy client-side deployment of Java applications. Description Applets executed using JRE or JDK can use "reflection" APIs...

6.4CVSS7.5AI score0.05335EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/01/26 12:0 a.m.87 views

PEAR Archive_Tar: Directory traversal

Background This class provides handling of tar files in PHP. Description Multiple vulnerabilities have been discovered in PEAR ArchiveTar. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

7.8CVSS1.7AI score0.84554EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2020/08/02 12:0 a.m.87 views

Python: Multiple vulnerabilities

Background Python is an interpreted, interactive, object-oriented programming language. Description Multiple vulnerabilities have been discovered in Python. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround...

7.5CVSS2.7AI score0.12826EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/11/07 12:0 a.m.87 views

OpenSSH: Integer overflow

Background OpenSSH is a complete SSH protocol implementation that includes SFTP client and server support. Description OpenSSH, when built with “xmss” USE flag enabled, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. NOTE: This USE flag is...

7.8CVSS8.1AI score0.0217EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2017/10/08 12:0 a.m.87 views

RubyGems: Multiple vulnerabilities

Background RubyGems is a sophisticated package manager for Ruby. Description Multiple vulnerabilities have been discovered in RubyGems. Please review the referenced CVE identifiers for details. Impact A remote attacker, by enticing a user to install a specially crafted gem, could possibly execute...

9.8CVSS9.9AI score0.29442EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2017/09/24 12:0 a.m.87 views

Postfix: Privilege escalation

Background Postfix is a mail server and an alternative to the widely-used Sendmail program. Description By default, Berkeley DB reads a DBCONFIG configuration file from the current working directory. This is an undocumented behavior. Impact A local attacker, by using a specially crafted DGCONFIG...

3.2AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/07/08 12:0 a.m.87 views

JasPer: Multiple vulnerabilities

Background JasPer is a software-based implementation of the codec specified in the JPEG-2000 Part-1 standard. Description Multiple vulnerabilities have been discovered in JasPer. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a...

8.8CVSS8.1AI score0.0251EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2014/09/25 12:0 a.m.87 views

Bash: Code Injection (Updated fix for GLSA 201409-09)

Background Bash is the standard GNU Bourne Again SHell. Description Stephane Chazelas reported that Bash incorrectly handles function definitions, allowing attackers to inject arbitrary code CVE-2014-6271. Gentoo Linux informed about this issue in GLSA 201409-09. Tavis Ormandy reported that the...

10CVSS9.9AI score0.99999EPSS
Exploits140
Gentoo Linux
Gentoo Linux
added 2022/08/21 12:0 a.m.86 views

Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Microsoft Edge is a browser that combines a minimal design with...

9.6CVSS2AI score0.70461EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2021/07/07 12:0 a.m.86 views

Schism Tracker: Multiple vulnerabilities

Background Schism Tracker is a free implementation of Impulse Tracker, a tool used to create high quality music. Description Multiple vulnerabilities have been discovered in Schism Tracker. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...

7.8CVSS2.5AI score0.01238EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/03/26 12:0 a.m.86 views

UnZip: User-assisted execution of arbitrary code

Background Info-ZIP’s UnZip is a tool to list and extract files inside PKZIP compressed files. Description Multiple vulnerabilities have been discovered in UnZip. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially craft...

7.8CVSS8AI score0.30469EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2018/04/22 12:0 a.m.86 views

mbed TLS: Multiple vulnerabilites

Background mbed TLS previously PolarSSL is an “easy to understand, use, integrate and expand” implementation of the TLS and SSL protocols and the respective cryptographic algorithms and support code required. Description Multiple vulnerabilities have been discovered in mbed TLS. Please review the...

9.8CVSS10AI score0.04884EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/10/23 12:0 a.m.86 views

OpenJPEG: Multiple vulnerabilities

Background OpenJPEG is an open-source JPEG 2000 library. Description Multiple vulnerabilities have been discovered in OpenJPEG. Please review the references below for details. Impact A remote attacker, via a crafted BMP, PDF, or j2k document, could execute arbitrary code, cause a Denial of Servic...

8.8CVSS8.4AI score0.08253EPSS
Exploits13
Gentoo Linux
Gentoo Linux
added 2017/09/24 12:0 a.m.86 views

CVS: Command injection

Background CVS Concurrent Versions System is an open-source network-transparent version control system. It contains both a client utility and a server. Description It was discovered that when CVS is configured to use SSH for remote repositories it allows remote attackers to execute arbitrary code...

7.5CVSS8.4AI score0.05968EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2016/03/09 12:0 a.m.86 views

LibreOffice, OpenOffice: Multiple vulnerabilities

Background Apache OpenOffice is the leading open-source office software suite for word processing, spreadsheets, presentations, graphics, databases and more. LibreOffice is a powerful office suite; its clean interface and powerful tools let you unleash your creativity and grow your productivity...

9.3CVSS8.2AI score0.14596EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2006/07/28 12:0 a.m.86 views

OpenOffice.org: Multiple vulnerabilities

Background OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities. Description Internal security audits by OpenOffice.org have discovered three security vulnerabiliti...

7.6CVSS10AI score0.04274EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2022/11/01 12:0 a.m.85 views

OpenSSL: Multiple Vulnerabilities

Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 as well as a general purpose cryptography library. Description Multiple buffer overflows exist in OpenSSL's handling of TLS certificates for client authentication. Impa...

7.5CVSS2.7AI score0.92488EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2021/05/26 12:0 a.m.85 views

MuPDF: Multiple vulnerabilities

Background MuPDF is a lightweight PDF viewer and toolkit written in portable C. Description Multiple vulnerabilities have been discovered in MuPDF. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted PDF document...

7.8CVSS3AI score0.50234EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/06/13 12:0 a.m.85 views

glibc: Multiple vulnerabilities

Background glibc is a package that contains the GNU C library. Description Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workarou...

9.8CVSS2.8AI score0.04731EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2020/03/15 12:0 a.m.85 views

gdb: Buffer overflow

Background gdb is the GNU project’s debugger, facilitating the analysis and debugging of applications. The BFD library provides a uniform method of accessing a variety of object file formats. Description It was discovered that gdb didn’t properly validate the ELF section sizes from input file...

7.8CVSS7.7AI score0.02628EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2018/12/15 12:0 a.m.85 views

CouchDB: Multiple vulnerabilities

Background Apache CouchDB is a distributed, fault-tolerant and schema-free document-oriented database. Description Multiple vulnerabilities have been discovered in CouchDB. Please review the CVE identifiers referenced below for details. Impact A remote attacker could execute arbitrary code or...

9CVSS4.2AI score0.11681EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2017/10/23 12:0 a.m.85 views

PCRE: Multiple vulnerabilities

Background The PCRE Library provides functions for Perl-compatible regular expressions. Description Multiple vulnerabilities have been discovered in The PCRE Library. Please review the references below for details. Impact A remote attacker could possibly cause a Denial of Service condition or oth...

7.8CVSS7.2AI score0.05033EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/07/08 12:0 a.m.85 views

feh: Arbitrary remote code execution

Background feh is an X11 image viewer aimed mostly at console users. Description Tobias Stoeckmann discovered it was possible to trigger an out-of-boundary heap write with the image viewer feh while receiving an IPC message. Impact A remote attacker, pretending to be the E17 window manager, could...

9.8CVSS5.4AI score0.02266EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2012/03/28 12:0 a.m.85 views

nginx: Multiple vulnerabilities

Background nginx is a robust, small, and high performance HTTP and reverse proxy server. Description Multiple vulnerabilities have been found in nginx: The TLS protocol does not properly handle session renegotiation requests CVE-2009-3555. The "ngxhttpprocessrequestheaders" function in...

6.8CVSS9.8AI score0.87264EPSS
Exploits19
Gentoo Linux
Gentoo Linux
added 2023/09/30 12:0 a.m.84 views

Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Microsoft Edge is a browser that combines a minimal design with...

9.8CVSS7.2AI score0.40798EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2021/07/07 12:0 a.m.84 views

GLib: Multiple vulnerabilities

Background GLib is a library providing a number of GNOME’s core objects and functions. Description Multiple vulnerabilities have been discovered in GLib. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround The...

7.5CVSS7.9AI score0.0408EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2020/04/01 12:0 a.m.84 views

VirtualBox: Multiple vulnerabilities

Background VirtualBox is a powerful virtualization product from Oracle. Description Multiple vulnerabilities have been discovered in VirtualBox. Please review the CVE identifiers referenced below for details. Impact An attacker could take control of VirtualBox resulting in the execution of...

8.8CVSS3.5AI score0.00898EPSS
Exploits0
Total number of security vulnerabilities3816