Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
•added 2024/08/12 12:0 a.m.•14 views

protobuf-c: Multiple Vulnerabilities

Background protobuf-c is a protocol buffers implementation in C. Description Multiple denial of service vulnerabilities have been discovered in protobuf-c. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time. Resolution All...

5.5CVSS7.6AI score0.01058EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2019/04/22 12:0 a.m.•14 views

OpenDKIM: Root privilege escalation

Background A community effort to develop and maintain a C library for producing DKIM-aware applications and an open source milter for providing DKIM service. Description It was discovered that Gentoo’s OpenDKIM ebuild does not properly set permissions or place the pid file in a safe directory...

7.2AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2019/04/22 12:0 a.m.•14 views

GLib: Multiple vulnerabilities

Background GLib is a library providing a number of GNOME’s core objects and functions. Description Multiple vulnerabilities have been discovered in GLib. Please review the referenced bug for details. Impact Please review the referenced bugs for details. Workaround There is no known workaround at...

7.8AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2005/07/26 12:0 a.m.•14 views

Mozilla Suite: Multiple vulnerabilities

Background The Mozilla Suite is an all-in-one Internet application suite including a web browser, an advanced e-mail and newsgroup client, IRC client and HTML editor. Description The following vulnerabilities were found and fixed in the Mozilla Suite: "mozbugra4" and "shutdown" discovered that th...

7.6AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2005/05/01 12:0 a.m.•15 views

Horde Framework: Multiple XSS vulnerabilities

Background The Horde Framework is a PHP based framework for building web applications. It provides many modules including calendar, address book, CVS viewer and Internet Messaging Program. Description Cross-site scripting vulnerabilities have been discovered in various modules of the Horde...

0.8AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2004/12/20 12:0 a.m.•14 views

MPlayer: Multiple overflows

Background MPlayer is a media player capable of handling multiple multimedia file formats. Description iDEFENSE, Ariel Berkman and the MPlayer development team found multiple vulnerabilities in MPlayer. These include potential heap overflows in Real RTSP and pnm streaming code, stack overflows in...

3.3AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2004/11/01 12:0 a.m.•15 views

ppp: No denial of service vulnerability

Background ppp is a Unix implementation of the Point-to-Point Protocol. Description The pppd server improperly verifies header fields, potentially leading to a crash of the pppd process handling the connection. However, since a separate pppd process handles each ppp connection, this would not...

0.9AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2004/09/06 12:0 a.m.•14 views

multi-gnome-terminal: Information leak

Background multi-gnome-terminal is an enhanced terminal emulator that is derived from gnome-terminal. Description multi-gnome-terminal contains debugging code that has been known to output active keystrokes to a potentially unsafe location. Output has been seen to show up in the '.xsession-errors...

0.3AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2003/11/22 12:0 a.m.•14 views

Ethereal: security problems in ethereal 0.9.15

Background Ethereal is a popular network protocol analyzer. Description Ethereal contains buffer overflow vulnerabilities in the GTP, ISAKMP, and MEGACO protocol dissectors, and a heap overflow vulnerability in the SOCKS protocol dissector, which could cause Ethereal to crash or to execute...

3.2AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2026/04/17 12:0 a.m.•13 views

DTrace: Arbitrary file creation via dtprobed

Background DTrace is a dynamic tracing tool for analysing or debugging the whole system. Specifically, dtprobed is a component of the DTrace system that keeps track of USDT probes within running processes, parsing and storing the DOF they provide for later consumption by dtrace proper. Descriptio...

5.5CVSS5.9AI score0.00181EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2026/01/26 12:0 a.m.•13 views

inetutils: Remote Code Execution

Background Inetutils is a collection of common network programs including a telnet client and server. Description The telnetd server invokes /usr/bin/login normally running as root passing the value of the USER environment variable received from the client as the last parameter. If the client...

9.8CVSS5.9AI score0.98871EPSS
Exploits61
Gentoo Linux
Gentoo Linux
•added 2025/11/24 12:0 a.m.•13 views

redict, redis: Multiple Vulnerabilities

Background Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache and message broker. Description Multiple vulnerabilities have been discovered in Redis. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CV...

9.8CVSS7.2AI score0.07802EPSS
Exploits7
Gentoo Linux
Gentoo Linux
•added 2025/06/15 12:0 a.m.•13 views

sysstat: Arbitrary Code Execution

Background sysstat is a package containing a number of performance monitoring utilities for Linux, including sar, mpstat, iostat and sa tools. Description A vulnerability has been discovered in sysstat. Please review the CVE identifier referenced below for details. This CVE improves on an...

7.8CVSS8.1AI score0.01096EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2025/05/12 12:0 a.m.•13 views

glibc: Buffer Overflow

Background glibc is a package that contains the GNU C library. Description A vulnerability has been discovered in glibc. Please review the CVE identifier referenced below for details. Impact Please review the referenced CVE identifier for details. Workaround There is no known workaround at this...

7.5CVSS6.8AI score0.00349EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2024/12/14 12:0 a.m.•13 views

NVIDIA Drivers: Privilege Escalation

Background NVIDIA Drivers are NVIDIA's accelerated graphics driver. Description A vulnerability has been discovered in NVIDIA Drivers. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifier for details. Workaround There is no known...

8.2CVSS7.3AI score0.00338EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2024/12/11 12:0 a.m.•13 views

idna: Denial of Service

Background Internationalized Domain Names for Python IDNA 2008 and UTS 46 Description A vulnerability has been discovered in idna. Please review the CVE identifier referenced below for details. Impact Please review the referenced CVE identifier for details. Workaround There is no known workaround...

7.5CVSS6.9AI score0.01386EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2024/12/11 12:0 a.m.•13 views

libvirt: Multiple Vulnerabilities

Background libvirt is a C toolkit for manipulating virtual machines. Description Multiple vulnerabilities have been discovered in libvirt. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

6.5CVSS7.6AI score0.00621EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2024/12/08 12:0 a.m.•13 views

PostgreSQL: Multiple Vulnerabilities

Background PostgreSQL is an open source object-relational database management system. Description Multiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaroun...

8.8CVSS7.6AI score0.04422EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2024/12/07 12:0 a.m.•13 views

Mozilla Firefox: Multiple Vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

9.8CVSS7.5AI score0.32568EPSS
Exploits3
Gentoo Linux
Gentoo Linux
•added 2024/11/06 12:0 a.m.•13 views

libgit2: Multiple Vulnerabilities

Background libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language that supports C bindings. Description Multiple vulnerabilities have been discovere...

5.9CVSS7.3AI score0.0058EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2024/11/06 12:0 a.m.•13 views

Ubiquiti UniFi: Privilege Escalation

Background Ubiquiti UniFi is a Management Controller for Ubiquiti Networks UniFi APs. Description A vulnerability has been discovered in Ubiquiti UniFi. Please review the CVE identifier referenced below for details. Impact The vulnerability allows a malicious actor with a local operational system...

8.8CVSS7.1AI score0.00163EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2008/06/25 12:0 a.m.•13 views

IBM JDK/JRE: Multiple vulnerabilities

Background The IBM Java Development Kit JDK and the IBM Java Runtime Environment JRE provide the IBM Java platform. Description Because of sharing the same codebase, IBM JDK and JRE are affected by the vulnerabilities mentioned in GLSA 200804-20. Impact A remote attacker could entice a user to ru...

3.2AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2005/06/23 12:0 a.m.•13 views

sudo: Arbitrary command execution

Background sudo allows a system administrator to give users the ability to run commands as other users. Description The sudoers file is used to define the actions sudo users are permitted to perform. Charles Morris discovered that a specific layout of the sudoers file could cause the results of a...

2.6AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2005/05/19 12:0 a.m.•13 views

Cheetah: Untrusted module search path

Background Cheetah is a Python powered template engine and code generator. Description Brian Bird discovered that Cheetah searches for modules in the world-writable /tmp directory. Impact A malicious local user could place a module containing arbitrary code in /tmp, which when imported would run...

2.7AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2004/12/10 12:0 a.m.•13 views

PHProjekt: setup.php vulnerability

Background PHProjekt is a modular groupware web application used to coordinate group activities and share files. Description Martin Muench, from it.sec, found a flaw in the setup.php file. Impact Successful exploitation of the flaw allows a remote attacker without admin rights to make unauthorize...

1.3AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2004/06/15 12:0 a.m.•13 views

Horde-Chora: Remote code execution

Background Chora is a PHP-based SVN/CVS repository viewer by the HORDE project. Description A vulnerability in the diff viewer of Chora allows an attacker to inject shellcode. An attacker can exploit PHP's file upload functionality to upload a malicious binary to a vulnerable server, chmod it as...

3.3AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2004/04/08 12:0 a.m.•13 views

GNU Automake symbolic link vulnerability

Background Automake is a tool for automatically generating Makefile.in' files which is often used in conjuction with Autoconf and other GNU Autotools to ease portability among applications. It also provides a standardized and light way of writing complex Makefiles through the use of many built-in...

2.7AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2004/01/26 12:0 a.m.•13 views

GAIM 0.75 Remote overflows

Background Gaim is a multi-platform and multi-protocol instant messaging client. It is compatible with AIM , ICQ, MSN Messenger, Yahoo, IRC, Jabber, Gadu-Gadu, and the Zephyr networks. Description Yahoo changed the authentication methods to their IM servers, rendering GAIM useless. The GAIM team...

7.8AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2026/03/09 12:0 a.m.•12 views

Exiv2: Multiple Vulnerabilities

Background Exiv2 is a C++ library and set of tools for parsing, editing and saving Exif and IPTC metadata from images. Description The following vulnerabilities have been discovered in Exiv2: 2 out of bounds reads, an integer overflow, and an uncaught exception. The worst of which can lead to a...

6.5CVSS6.6AI score0.00561EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/12/27 12:0 a.m.•12 views

GnuPG: Arbitrary Code Execution

Background The GNU Privacy Guard, GnuPG, is a free replacement for the PGP suite of cryptographic software. Description A vulnerability has been discovered in GnuPG's armor parser. Impact A remote attacker could entice a user or automated system to process a specially crafted signature file,...

7.6AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/07/01 12:0 a.m.•12 views

sudo: Privilege escalation

Background sudo allows a system administrator to give users the ability to run commands as other users. Description Multiple vulnerabilities have been discovered in sudo. Please review the CVE identifiers referenced below for details. Impact An attacker can escalate privileges to root by providin...

9.3CVSS8AI score0.47467EPSS
Exploits77
Gentoo Linux
Gentoo Linux
•added 2025/04/05 12:0 a.m.•12 views

XZ Utils: Use after free

Background XZ Utils is free general-purpose data compression software with a high compression ratio. Description A use-after-free has been discovered in XZ utils. Please review the CVE identifier referenced below for details. Impact The multithreaded .xz decoder in liblzma has a bug where invalid...

8.7CVSS7.5AI score0.00647EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2024/12/07 12:0 a.m.•12 views

R: Arbitrary Code Execution

Background R is a language and environment for statistical computing and graphics. Description Deserialization of untrusted data can occur in the R statistical programming language, enabling a maliciously crafted RDS R Data Serialization formatted file or R package to run arbitrary code on an end...

8.8CVSS7.4AI score0.23618EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2024/09/24 12:0 a.m.•12 views

ZNC: Remote Code Execution

Background ZNC is an advanced IRC bouncer. Description ZNC's modtcl could allow for remote code execution via a KICK. Impact A vulnerable ZNC with the modtcl module loaded could be exploited for remote code execution. Workaround Unload the modtcl module. Resolution All ZNC users should upgrade to...

9.8CVSS7.7AI score0.03862EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2024/08/09 12:0 a.m.•12 views

Librsvg: Arbitrary File Read

Background Librsvg is a library to render SVG files using cairo as a rendering engine. Description A directory traversal problem in the URL decoder of librsvg could be used by local or remote attackers to disclose files on the local filesystem outside of the expected area, as demonstrated by...

5.5CVSS7.3AI score0.02132EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2024/08/09 12:0 a.m.•12 views

Nautilus: Denial of Service

Background Default file manager for the GNOME desktop Description Please review the CVE identifier referenced below for details. Impact GNOME Nautilus allows a NULL pointer dereference and getbasename application crash via a pasted ZIP archive. Workaround There is no known workaround at this time...

5.5CVSS6.9AI score0.00326EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2024/08/07 12:0 a.m.•12 views

Levenshtein: Remote Code Execution

Background Levenshtein is a Python extension for computing string edit distances and similarities. Description Fixed handling of numerous possible wraparounds in calculating the size of memory allocations; incorrect handling of which could cause denial of service or even possible remote code...

7.9AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2024/08/07 12:0 a.m.•12 views

libXpm: Multiple Vulnerabilities

Background The X PixMap image format is an extension of the monochrome X BitMap format specified in the X protocol, and is commonly used in traditional X applications. Description Multiple vulnerabilities have been discovered in libXpm. Please review the CVE identifiers referenced below for...

8.8CVSS7.7AI score0.01273EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2024/07/05 12:0 a.m.•12 views

GraphicsMagick: Multiple Vulnerabilities

Background GraphicsMagick is a collection of tools and libraries which support reading, writing, and manipulating images in many major formats. Description Multiple vulnerabilities have been discovered in GraphicsMagick. Please review the CVE identifiers referenced below for details. Impact Pleas...

7.7AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2024/02/19 12:0 a.m.•12 views

Seamonkey: Multiple Vulnerabilities

Background The Seamonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the ‘Mozilla Application Suite’. Description Multiple vulnerabilities have been discovered in Seamonkey. Please review the CVE identifiers reference...

7.8AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2012/03/16 12:0 a.m.•12 views

Minitube: Insecure temporary file usage

Background Minitube is a Qt4 YouTube desktop client. Description Tomáš Pružina reported that Minitube does not handle temporary files securely. Impact A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application. Workaround...

7.1AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2007/07/25 12:0 a.m.•12 views

Festival: Privilege elevation

Background Festival is a text-to-speech accessibility program. Description Konstantine Shirow reported a vulnerability in default Gentoo configurations of Festival. The daemon is configured to run with root privileges and to listen on localhost, without requiring a password. Impact A local attack...

3.9AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2005/07/15 12:0 a.m.•12 views

Mozilla Firefox: Multiple vulnerabilities

Background Mozilla Firefox is the next-generation web browser from the Mozilla project. Description The following vulnerabilities were found and fixed in Mozilla Firefox: "mozbugra4" and "shutdown" discovered that Firefox was improperly cloning base objects MFSA 2005-56. Michael Krax reported tha...

8AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2004/02/17 12:0 a.m.•12 views

Clam Antivirus DoS vulnerability

Background Clam AntiVirus is a GPLed anti-virus toolkit, designed for integration with mail servers to perform attachment scanning. Clam AV also provides a command line scanner and a tool for fetching updates of the virus database. Description Oliver Eikemeier of Fillmore Labs discovered the...

0.9AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2004/02/07 12:0 a.m.•12 views

PHP setting leaks from .htaccess files on virtual hosts

Background PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Description If the server configuration "php.ini" file has "registerglobals = on" and a request is made to one virtual host which has "phpadminflag...

0.7AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2026/01/26 12:0 a.m.•11 views

Commons-BeanUtils: Arbitary Code Execution

Background Commons-beanutils provides easy-to-use wrappers around Reflection and Introspection APIs Description Multiple vulnerabilities have been discovered in Commons-BeanUtils. Please review the CVE identifiers referenced below for details. Impact A special BeanIntrospector class was added in...

8.8CVSS5.8AI score0.01548EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2026/01/26 12:0 a.m.•11 views

Asterisk: Multiple Vulnerabilities

Background Asterisk is an open source telephony engine and toolkit. Description Multiple vulnerabilities have been discovered in Asterisk. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

7.8CVSS5.8AI score0.00446EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2025/09/17 12:0 a.m.•11 views

libvpx: Use after free

Background libvpx is the VP8 codec SDK used to encode and decode video streams, typically within a WebM format media file. Description A vulnerability has been discovered in libvpx. Please review the CVE identifier referenced below for details. Impact Please review the referenced CVE identifier f...

5.4CVSS7.3AI score0.00513EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/07/08 12:0 a.m.•11 views

NTP: Multiple Vulnerabilities

Background NTP contains software for the Network Time Protocol. Description Multiple vulnerabilities have been discovered in NTP. Please review the CVE identifiers referenced below for details. Impact The first four of these CVEs affect a function in libntp that is only used by ntpq, but not by...

6.4CVSS6.7AI score0.00703EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/07/08 12:0 a.m.•11 views

ClamAV: Multiple Vulnerabilities

Background ClamAV is a GPL virus scanner. Description Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...

7.8CVSS8AI score0.84841EPSS
Exploits1
Total number of security vulnerabilities3816