Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
•added 2024/12/07 12:0 a.m.•11 views

Chromium, Google Chrome, Microsoft Edge. Opera: Multiple Vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Microsoft Edge is a browser that combines a minimal design with...

9.8CVSS7.7AI score0.19883EPSS
Exploits26
Gentoo Linux
Gentoo Linux
•added 2024/09/24 12:0 a.m.•11 views

ZNC: Remote Code Execution

Background ZNC is an advanced IRC bouncer. Description ZNC's modtcl could allow for remote code execution via a KICK. Impact A vulnerable ZNC with the modtcl module loaded could be exploited for remote code execution. Workaround Unload the modtcl module. Resolution All ZNC users should upgrade to...

9.8CVSS7.7AI score0.03862EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2024/08/11 12:0 a.m.•11 views

rsyslog: Heap Buffer Overflow

Background rsyslog is an enhanced multi-threaded syslogd with database support and more. Description Multiple vulnerabilities have been discovered in rsyslog. Please review the CVE identifiers referenced below for details. Impact Modules for TCP syslog reception have a heap buffer overflow when...

8.1CVSS8.7AI score0.03821EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2012/03/16 12:0 a.m.•11 views

Minitube: Insecure temporary file usage

Background Minitube is a Qt4 YouTube desktop client. Description Tomáš Pružina reported that Minitube does not handle temporary files securely. Impact A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application. Workaround...

7.1AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2008/01/30 12:0 a.m.•11 views

GOffice: Multiple vulnerabilities

Background GOffice is a library of document-centric objects and utilities based on GTK. Description GOffice includes a copy of PCRE which is vulnerable to multiple buffer overflows and memory corruptions vulnerabilities GLSA 200711-30. Impact An attacker could entice a user to open specially...

4AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2007/12/30 12:0 a.m.•11 views

AMD64 x86 emulation GTK+ library: User-assisted execution of arbitrary code

Background Cairo is a 2D vector graphics library with cross-device output support. The AMD64 x86 emulation GTK+ library packages Cairo libraries for 32bit x86 emulation on AMD64. Description The Cairo versions used by the AMD64 x86 emulation GTK+ libraries were vulnerable to integer overflow...

4.7AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2005/06/22 12:0 a.m.•11 views

Trac: File upload vulnerability

Background Trac is a minimalistic web-based project management, wiki and bug tracking system including a Subversion interface. Description Stefan Esser of the Hardened-PHP project discovered that Trac fails to validate the "id" parameter when uploading attachments to the wiki or the bug tracking...

3AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/11/26 12:0 a.m.•10 views

libpng: Multiple vulnerabilities

Background libpng is the official PNG reference library used to read, write and manipulate PNG images. Description Multiple vulnerabilities have been discovered in libpng. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

7.1CVSS7.3AI score0.00352EPSS
Exploits5
Gentoo Linux
Gentoo Linux
•added 2025/11/24 12:0 a.m.•10 views

qtsvg: Multiple Vulnerabilities

Background qtsvg is a SVG rendering library for the Qt framework. Description Multiple vulnerabilities have been discovered in qtsvg. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

9.4CVSS7.2AI score0.0035EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/09/17 12:0 a.m.•10 views

Django: Multiple Vulnerabilities

Background Django is a Python-based web framework. Description Multiple vulnerabilities have been discovered in Django. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this...

9.8CVSS7.2AI score0.73274EPSS
Exploits9
Gentoo Linux
Gentoo Linux
•added 2025/06/12 12:0 a.m.•10 views

Qt: Multiple Vulnerabilities

Background Qt is a cross-platform application development framework. Description Multiple vulnerabilities have been discovered in Qt. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

8.6CVSS7.6AI score0.00494EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/02/18 12:0 a.m.•10 views

OpenSSH: Multiple Vulnerabilities

Background OpenSSH is a free application suite consisting of server and clients that replace tools like telnet, rlogin, rcp and ftp with more secure versions offering additional functionality. Description Multiple vulnerabilities have been discovered in OpenSSH. Please review the CVE identifiers...

6.8CVSS7.5AI score0.38474EPSS
Exploits5
Gentoo Linux
Gentoo Linux
•added 2024/02/26 12:0 a.m.•10 views

Glances: Arbitrary Code Execution

Background Glances is an open-source system cross-platform monitoring tool. It allows real-time monitoring of various aspects of your system such as CPU, memory, disk, network usage etc. Description A vulnerability in XML parsing may lead to a variety of XML attacks. Impact A vulnerability in XML...

7.2AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2004/12/19 12:0 a.m.•10 views

abcm2ps: Buffer overflow vulnerability

Background abcm2ps is a utility used to convert ABC music sheet files into PostScript format. Description Limin Wang has located a buffer overflow inside the putwords function in the abcm2ps code. Impact A remote attacker could convince the victim to download a specially-crafted ABC file. Upon...

4.5AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2004/10/06 12:0 a.m.•10 views

PHP: Memory disclosure and arbitrary location file upload

Background PHP is a general-purpose scripting language widely used to develop web-based applications. It can run inside a web server using the modphp module or the CGI version of PHP, or can run stand-alone in a CLI. Description Stefano Di Paola discovered two bugs in PHP. The first is a parse...

1.7AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2026/04/17 12:0 a.m.•9 views

FUSE: Multiple Vulnerabilities

Background FUSE Filesystem in Userspace is an interface for userspace programs to export a filesystem to the Linux kernel. Description The following vulnerabilities have been discovered in FUSE: a NULL pointer dereference when running with the NUMA architecture and a use-after-free. The worst of...

7.8CVSS5.9AI score0.0031EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2026/01/26 12:0 a.m.•9 views

GIMP: Arbitrary Code Execution

Background GIMP is the GNU Image Manipulation Program. XCF is the native image file format used by GIMP. Description A vulnerability has been discovered in GIMP. Please review the CVE identifier referenced below for details. Impact This vulnerability allows remote attackers to execute arbitrary...

7.8CVSS6.2AI score0.00452EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/11/26 12:0 a.m.•9 views

librnp: Weak random number generation

Background librnp is a high performance C++ OpenPGP library. Description The affected librnp version generated weak session keys for its public key encryption PKESK mode. Impact Messages encrypted using the affected librnp version might be readable by an attacker with just the public key...

8.7CVSS6.7AI score0.00274EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/11/24 12:0 a.m.•9 views

Chromium, Google Chrome, Microsoft Edge. Opera: Multiple Vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Microsoft Edge is a browser that combines a minimal design with...

9.8CVSS6.9AI score0.05419EPSS
Exploits3
Gentoo Linux
Gentoo Linux
•added 2025/09/17 12:0 a.m.•9 views

ProFTPd: SSH Terrapin vulnerability

Background ProFTPD is an advanced and very configurable FTP server. Description A vulnerability has been discovered in ProFTPd. Please review the CVE identifier referenced below for details. Impact The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other...

5.9CVSS7.4AI score0.9378EPSS
Exploits4
Gentoo Linux
Gentoo Linux
•added 2025/08/06 12:0 a.m.•9 views

Composer: Multiple Vulnerabilities

Background Composer is a dependency manager for the PHP programming language. Description Integrators using Composer code to call VcsDriver::getFileContent can have a code injection vulnerability if the user can control the $file or $identifier argument. This leads to a vulnerability on...

8.8CVSS9AI score0.01841EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/08/06 12:0 a.m.•9 views

FontForge: Arbitrary Code Execution

Background FontForge is a PostScript font editor and converter. Description A vulnerabilitiy has been discovered in FontForge. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround a...

6.5CVSS4.6AI score0.0187EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2025/07/08 12:0 a.m.•9 views

REXML: Multiple Vulnerabilities

Background REXML is an XML toolkit for Ruby. Description Multiple vulnerabilities have been discovered in REXML. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...

8.7CVSS7.5AI score0.02064EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2025/06/12 12:0 a.m.•9 views

File-Find-Rule: Shell Injection

Background File-Find-Rule is an alternative interface to File::Find. Description File-Find-Rule uses the legacy '2-arg' open call which is susceptible to shell injection via malicious filenames. Impact Shell injection may be used to execute arbitrary code using a malicious filename. Workaround...

8.8CVSS8.4AI score0.00736EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/06/12 12:0 a.m.•9 views

LibreOffice: Multiple Vulnerabilities

Background LibreOffice is a powerful office suite; its clean interface and powerful tools let you unleash your creativity and grow your productivity. Description Multiple vulnerabilities have been discovered in LibreOffice. Please review the CVE identifiers referenced below for details. Impact...

6.7CVSS7.6AI score0.00528EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/05/12 12:0 a.m.•9 views

NVIDIA Drivers: Multiple Vulnerabilities

Background NVIDIA Drivers are NVIDIA's accelerated graphics driver. Description A vulnerability has been discovered in NVIDIA Drivers. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifier for details. Workaround There is no known...

7.8CVSS6.9AI score0.002EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/01/23 12:0 a.m.•9 views

GPL Ghostscript: Multiple Vulnerabilities

Background Ghostscript is an interpreter for the PostScript language and for PDF. Description Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workarou...

8.4CVSS7.7AI score0.0055EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/01/23 12:0 a.m.•9 views

Yubico pam-u2f: Partial Authentication Bypass

Background Yubico pam-u2f is a PAM module for FIDO2 and U2F keys. Description Multiple vulnerabilities have been discovered in Yubico pam-u2f. Please review the CVE identifiers referenced below for details. Impact Depending on specific settings and usage scenarios the result of the pam-u2f module...

7.3CVSS7.6AI score0.00397EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/01/23 12:0 a.m.•9 views

PHP: Multiple Vulnerabilities

Background PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Description Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact Please review th...

7.5CVSS7.4AI score0.01077EPSS
Exploits3
Gentoo Linux
Gentoo Linux
•added 2025/01/17 12:0 a.m.•9 views

GIMP: Multiple Vulnerabilities

Background GIMP is the GNU Image Manipulation Program. XCF is the native image file format used by GIMP. Description Multiple vulnerabilities have been discovered in GIMP. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

7.8CVSS7.6AI score0.93639EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2025/01/15 12:0 a.m.•9 views

rsync: Multiple Vulnerabilities

Background rsync is a server and client utility that provides fast incremental file transfers. It is used to efficiently synchronize files between hosts and is used by emerge to fetch Gentoo's Portage tree. Description Multiple vulnerabilities have been discovered in rsync. Please review the CVE...

9.8CVSS7.6AI score0.72059EPSS
Exploits8
Gentoo Linux
Gentoo Linux
•added 2024/12/11 12:0 a.m.•9 views

Distrobox: Arbitrary Code Execution

Background Use any Linux distribution inside your terminal. Enable both backward and forward compatibility with software and freedom to use whatever distribution you’re more comfortable with. Distrobox uses podman, docker or lilipod to create containers using the Linux distribution of your choice...

9.8CVSS7.4AI score0.02934EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2024/12/07 12:0 a.m.•9 views

Mozilla Thunderbird: Multiple Vulnerabilities

Background Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

9.8CVSS7.8AI score0.04395EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2024/11/06 12:0 a.m.•9 views

EditorConfig core C library: arbitrary stack write

Background EditorConfig core library written in C for use by plugins supporting EditorConfig parsing Description A vulnerability has been discovered in EditorConfig Core C library. Please review the CVE identifier referenced below for details. Impact Please review the referenced CVE identifier fo...

7.8CVSS6.9AI score0.00965EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2024/07/05 12:0 a.m.•9 views

Stellarium: Arbitrary File Write

Background Stellarium is a free open source planetarium for your computer. It shows a realistic sky in 3D, just like what you see with the naked eye, binoculars or a telescope. Description A vulnerability has been discovered in Stellarium. Please review the CVE identifier referenced below for...

9.8CVSS6.9AI score0.01545EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2026/01/26 12:0 a.m.•8 views

Vim, gVim: Multiple Vulnerabilities

Background Vim is an efficient, highly configurable improved version of the classic ‘vi’ text editor. gVim is the GUI version of Vim. Description Multiple vulnerabilities have been discovered in Vim, gVim. Please review the CVE identifiers referenced below for details. Impact Please review the...

5.9AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/11/24 12:0 a.m.•8 views

UDisks: Multiple Vulnerabilities

Background UDisks provides a daemon, tools and libraries to access and manipulate disks, storage devices and technologies. Description Multiple vulnerabilities have been discovered in UDisks. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...

8.5CVSS7.2AI score0.00808EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2025/09/17 12:0 a.m.•8 views

Plex Media Server: Incorrect resource transfer

Background Plex media server is a media library that is intended for use with a plex client. Description A vulnerability has been discovered in glibc. Please review the CVE identifier referenced below for details. Impact Please review the referenced CVE identifier for details. Workaround There is...

8.5CVSS7.3AI score0.00537EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/08/06 12:0 a.m.•8 views

GPL Ghostscript: Multiple Vulnerabilities

Background Ghostscript is an interpreter for the PostScript language and for PDF. Description Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workarou...

9.8CVSS6.6AI score0.00806EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/08/06 12:0 a.m.•8 views

PAM: Multiple Vulnerabilities

Background PAM Pluggable Authentication Modules is an architecture allowing the separation of the development of privilege granting software from the development of secure and appropriate authentication schemes. Description Multiple vulnerabilities have been discovered in PAM. Please review the C...

7.8CVSS8.5AI score0.00798EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/07/08 12:0 a.m.•8 views

strongSwan: Buffer Overflow

Background strongSwan is an IPSec implementation for Linux. Description Multiple vulnerabilities have been discovered in strongSwan. Please review the CVE identifiers referenced below for details. Impact A vulnerability in charon-tkm related to processing DH public values was discovered in...

9.8CVSS10AI score0.0229EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/06/12 12:0 a.m.•8 views

X.Org X server, XWayland: Multiple Vulnerabilities

Background The X Window System is a graphical windowing system based on a client/server model. Description Multiple vulnerabilities have been discovered in X.Org X server and XWayland. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...

7.8CVSS7.6AI score0.00485EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/05/14 12:0 a.m.•8 views

Atop: Heap Corruption

Background Atop is an ASCII full-screen performance monitor for Linux that is capable of reporting the activity of all processes even if processes have finished during the interval, daily logging of system and process activity for long-term analysis, highlighting overloaded system resources by...

2.9CVSS7.4AI score0.00192EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/01/23 12:0 a.m.•8 views

Qt: Buffer Overflow

Background Qt is a cross-platform application development framework. Description When given specifically crafted data then QXmlStreamReader can end up causing a buffer overflow and subsequently a crash or freeze or get out of memory on recursive entity expansion, with DTD tokens in XML body. Impa...

7.5CVSS7.8AI score0.01324EPSS
Exploits1
Gentoo Linux
Gentoo Linux
•added 2025/01/23 12:0 a.m.•8 views

libgsf: Multiple Vulnerabilities

Background The GNOME Structured File Library is an I/O library that can read and write common file types and handle structured formats that provide file-system-in-a-file semantics. Description Multiple vulnerabilities have been discovered in libgsf. Please review the CVE identifiers referenced...

8.4CVSS7.6AI score0.00457EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/01/23 12:0 a.m.•8 views

Mozilla Firefox: Multiple Vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

9.8CVSS7.6AI score0.1307EPSS
Exploits0
Gentoo Linux
Gentoo Linux
•added 2024/09/28 12:0 a.m.•8 views

tmux: Null Pointer Dereference

Background tmux is a terminal multiplexer. Description A null pointer dereference issue was discovered in function windowpanesetevent in window.c in which allows attackers to cause denial of service or other unspecified impacts. Impact Manipulating tmux window state could result in a null pointer...

7.2AI score
Exploits0
Gentoo Linux
Gentoo Linux
•added 2025/09/17 12:0 a.m.•7 views

Poppler: Multiple Vulnerabilities

Background Poppler is a PDF rendering library based on the xpdf-3.0 code base. Description Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is...

6.9CVSS7.5AI score0.01547EPSS
Exploits2
Gentoo Linux
Gentoo Linux
•added 2025/07/08 12:0 a.m.•7 views

Git: Multiple Vulnerabilities

Background Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Description Multiple vulnerabilities have been discovered in Git. Please review the CVE identifiers referenced below for details...

8.6CVSS6.8AI score0.02775EPSS
Exploits9
Gentoo Linux
Gentoo Linux
•added 2025/07/01 12:0 a.m.•7 views

UDisks, libblockdev: Privilege escalation

Background UDisks provides a daemon, tools and libraries to access and manipulate disks, storage devices and technologies. libblockdev is a library for manipulating block devices. Description Multiple vulnerabilities have been discovered in UDisks and libblockdev. Please review the CVE identifier...

7CVSS7.7AI score0.00423EPSS
Exploits18
Total number of security vulnerabilities3816