Lucene search
K
GentooMost viewed

3816 matches found

Gentoo Linux
Gentoo Linux
added 2017/06/06 12:0 a.m.79 views

Libtirpc and RPCBind: Denial of Service

Background The RPCBind utility is a server that converts RPC program numbers into universal addresses. Libtirpc is a port of Suns Transport-Independent RPC library to Linux. Description It was found that due to the way RPCBind uses libtirpc libntirpc, a memory leak can occur when parsing speciall...

7.8CVSS3.1AI score0.81921EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2016/01/16 12:0 a.m.79 views

OpenSSH: Multiple vulnerabilities

Background OpenSSH is a complete SSH protocol implementation that includes SFTP client and server support. Description Qualys have reported two issues in the “roaming” code included in the OpenSSH client, which provides undocumented, experimental support for resuming SSH connections. An OpenSSH...

8.1CVSS7.7AI score0.63468EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2009/11/17 12:0 a.m.79 views

Sun JDK/JRE: Multiple vulnerabilities

Background The Sun Java Development Kit JDK and the Sun Java Runtime Environment JRE provide the Sun Java platform. Description Multiple vulnerabilities have been reported in the Sun Java implementation. Please review the CVE identifiers referenced below and the associated Sun Alerts for details...

10CVSS8.2AI score0.84807EPSS
Exploits54
Gentoo Linux
Gentoo Linux
added 2009/07/12 12:0 a.m.79 views

git: git-daemon Denial of service

Background git - the stupid content tracker, the revision control system used by the Linux kernel team. Description Shawn O. Pearce reported that git-daemon runs into an infinite loop when handling requests that contain unrecognized arguments. Impact A remote unauthenticated attacker could send a...

5CVSS6.4AI score0.05819EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2009/03/10 12:0 a.m.79 views

Ganglia: Execution of arbitrary code

Background Ganglia is a scalable distributed monitoring system for clusters and grids. Description Spike Spiegel reported a stack-based buffer overflow in the processpath function when processing overly long pathnames in gmetad/server.c. Impact A remote attacker could send a specially crafted...

7.5CVSS6.3AI score0.05346EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2007/01/10 12:0 a.m.79 views

SeaMonkey: Multiple vulnerabilities

Background The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the 'Mozilla Application Suite'. Description An anonymous researcher found evidence of memory corruption in the way SeaMonkey handles certain types ...

9.3CVSS7.7AI score0.08604EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/02/26 12:0 a.m.78 views

PyYAML: Arbitrary Code Execution

Background PyYAML is a YAML parser and emitter for Python. Description A vulnerability has been discovered in PyYAML. Please review the CVE identifier referenced below for details. Impact A vulnerability was discovered in the PyYAML library, where it is susceptible to arbitrary code execution whe...

10CVSS8.3AI score0.05984EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2023/05/03 12:0 a.m.78 views

Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Microsoft Edge is a browser that combines a minimal design with...

9.6CVSS7.9AI score0.31864EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2023/05/03 12:0 a.m.78 views

Python, PyPy3: Multiple Vulnerabilities

Background Python is an interpreted, interactive, object-oriented, cross-platform programming language. Description Multiple vulnerabilities have been discovered in Python and PyPy3. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifier...

9.8CVSS8.1AI score0.26792EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2021/07/20 12:0 a.m.78 views

PJSIP: Multiple vulnerabilities

Background PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Description Multiple vulnerabilities have been discovered in PJSIP. Please review the CVE identifiers referenced belo...

6.8CVSS1.9AI score0.02088EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2021/07/07 12:0 a.m.78 views

OpenDoas: Insufficient environment filtering

Background OpenDoas allows users to run commands as other users. Description OpenDoas does not properly filter the PATH variable from the resulting shell after escalating privileges. Impact A local attacker with control of a user’s PATH variable could escalate privileges if that user uses OpenDoa...

8.8CVSS8.9AI score0.02654EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2021/05/26 12:0 a.m.78 views

Samba: Multiple vulnerabilities

Background Samba is a suite of SMB and CIFS client/server programs. Description Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

7.5CVSS3.1AI score0.04328EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/01/29 12:0 a.m.78 views

NSD: Symbolic link traversal

Background An authoritative only, high performance, open source name server Description A local vulnerability was discovered that would allow for a local symlink attack due to how NSD handles PID files. Impact A local attacker could cause a Denial of Service condition. Workaround There is no know...

5.5CVSS2.3AI score0.00484EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2019/08/09 12:0 a.m.78 views

Redis: Multiple vulnerabilities

Background Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache and message broker. Description Multiple vulnerabilities have been discovered in Redis. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CV...

9.8CVSS2.2AI score0.59422EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2017/09/17 12:0 a.m.78 views

Binutils: Multiple vulnerabilities

Background The GNU Binutils are a collection of tools to create, modify and analyse binary files. Many of the files use BFD, the Binary File Descriptor library, to do low-level manipulation. Description Multiple vulnerabilities have been discovered in Binutils. Please review References for...

9.8CVSS2.5AI score0.08075EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2017/05/18 12:0 a.m.78 views

Apache Tomcat: Multiple vulnerabilities

Background Apache Tomcat is a Servlet-3.0/JSP-2.2 Container. Description Multiple vulnerabilities have been discovered in Tomcat. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to cause a Denial of Service condition, obtain sensitive...

9.8CVSS8.2AI score0.35927EPSS
Exploits8
Gentoo Linux
Gentoo Linux
added 2004/05/19 12:0 a.m.78 views

ProFTPD Access Control List bypass vulnerability

Background ProFTPD is an FTP daemon. Description ProFTPD 1.2.9 introduced a vulnerability that allows CIDR-based ACLs such as 10.0.0.1/24 to be bypassed. The CIDR ACLs are disregarded, with the net effect being similar to an "AllowAll" directive. Impact This vulnerability may allow unauthorized...

7.5CVSS6.5AI score0.09197EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/05/09 12:0 a.m.78 views

Multiple vulnerabilities in LHa

Background LHa is a console-based program for packing and unpacking LHarc archives. Description Ulf Harnhammar found two stack overflows and two directory traversal vulnerabilities in LHa version 1.14 and 1.17. A stack overflow occurs when testing or extracting archives containing long file or...

10CVSS7.5AI score0.10262EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2024/09/28 12:0 a.m.77 views

Apache HTTPD: Multiple Vulnerabilities

Background The Apache HTTP server is one of the most popular web servers on the Internet. Description Multiple vulnerabilities have been discovered in Apache HTTPD. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

9.8CVSS7.7AI score0.99957EPSS
Exploits10
Gentoo Linux
Gentoo Linux
added 2024/02/03 12:0 a.m.77 views

Microsoft Edge: Multiple Vulnerabilities

Background Microsoft Edge is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier. Description Multiple vulnerabilities have been discovered in Microsoft Edge. Please review the CVE identifiers referenced below for details. Impact Please...

9.6CVSS7.2AI score0.08619EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2021/07/20 12:0 a.m.77 views

mpv: Format string vulnerability

Background Video player based on MPlayer/mplayer2. Description mpv uses untrusted input within format strings. Impact A remote attacker could entice a user to open a specially crafted m3u playlist file using mpv, possibly resulting in execution of arbitrary code with the privileges of the process...

7.8CVSS3.9AI score0.02409EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2021/02/01 12:0 a.m.77 views

Mozilla Thunderbird: Multiple vulnerabilities

Background Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

8.8CVSS2.7AI score0.01556EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/12/24 12:0 a.m.77 views

Samba: Multiple vulnerabilities

Background Samba is a suite of SMB and CIFS client/server programs. Description Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

10CVSS3.1AI score0.99512EPSS
Exploits75
Gentoo Linux
Gentoo Linux
added 2020/12/23 12:0 a.m.77 views

PHP: Multiple vulnerabilities

Background PHP is an open source general-purpose scripting language that is especially suited for web development. Description Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers and change log referenced below for details. Impact An attacker could cause a Deni...

6.5CVSS2.2AI score0.05029EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2020/12/07 12:0 a.m.77 views

Mozilla Thunderbird: Multiple vulnerabilities

Background Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the referenced Mozilla Foundation Security Advisories and CVE identifiers below for details. Impact Please...

9.6CVSS8.1AI score0.5063EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2019/08/15 12:0 a.m.77 views

SQLite: Multiple vulnerabilities

Background SQLite is a C library that implements an SQL database engine. Description Multiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details. Impact A remote attacker could, by executing arbitrary SQL statements against a vulnerable...

8.1CVSS3AI score0.06683EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2018/03/06 12:0 a.m.77 views

Exim: Multiple vulnerabilities

Background Exim is a message transfer agent MTA designed to be a a highly configurable, drop-in replacement for sendmail. Description Multiple vulnerabilities have been discovered in Exim. Please review the CVE identifiers referenced below for details. Impact A remote attacker, by connecting to t...

9.8CVSS9.9AI score0.82238EPSS
Exploits27
Gentoo Linux
Gentoo Linux
added 2017/10/08 12:0 a.m.77 views

ICU: Multiple vulnerabilities

Background ICU is a mature, widely used set of C/C++ and Java libraries providing Unicode and Globalization support for software applications. Description Multiple vulnerabilities have been discovered in ICU. Please review the referenced CVE identifiers for details. Impact A remote attacker could...

7.5CVSS2.8AI score0.0463EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/09/25 12:0 a.m.77 views

Tcpdump: Multiple vulnerabilities

Background Tcpdump is a tool for network monitoring and data acquisition. Description Multiple vulnerabilities have been discovered in Tcpdump. Please review the referenced CVE identifiers for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the proce...

9.8CVSS10.1AI score0.06196EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2017/09/17 12:0 a.m.77 views

Git: Command injection

Background Git is a small and fast distributed version control system designed to handle small and large projects. Description Specially crafted ‘ssh://...’ URLs may allow the owner of the repository to execute arbitrary commands on client’s machine if those commands are already installed on the...

8.8CVSS9AI score0.77823EPSS
Exploits9
Gentoo Linux
Gentoo Linux
added 2017/07/08 12:0 a.m.77 views

GNOME applet for NetworkManager: Arbitrary file read/write

Background GNOME applet for NetworkManager is a GTK+ 3 front-end which works under Xorg environments with a systray. Description Frederic Bardy and Quentin Biguenet discovered that GNOME applet for NetworkManager incorrectly checked permissions when connecting to certain wireless networks. Impact...

6.9CVSS6.3AI score0.00269EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2016/11/20 12:0 a.m.77 views

MongoDB: Denial of service

Background MongoDB from “humongous” is a scalable, high-performance, open source, schema-free, document-oriented database. Description MongoDB’s ‘mongod’ server fails to validate some cases of malformed BSON. Impact A remote attacker could send a specially crafted BSON request possibly resulting ...

5CVSS8AI score0.028EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2015/04/11 12:0 a.m.77 views

Xen: Multiple vulnerabilities

Background Xen is a bare-metal hypervisor. Description Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact A local attacker could possibly cause a Denial of Service condition or obtain sensitive information. Workaround There...

7.8CVSS7.6AI score0.02513EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/06/15 12:0 a.m.77 views

Opera: Multiple vulnerabilities

Background Opera is a fast web browser that is available free of charge. Description Multiple vulnerabilities have been discovered in Opera. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted web page using Oper...

9.3CVSS6.8AI score0.08036EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/06/01 12:0 a.m.77 views

libarchive: Multiple vulnerabilities

Background libarchive is a library for manipulating different streaming archive formats, including certain tar variants, several cpio formats, and both BSD and GNU ar variants. Description Multiple vulnerabilities have been discovered in libarchive. Please review the CVE identifiers referenced...

7.5CVSS9.4AI score0.04246EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2013/01/08 12:0 a.m.77 views

Mozilla Products: Multiple vulnerabilities

Background Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the ‘Mozilla...

10CVSS9.8AI score0.87264EPSS
Exploits329
Gentoo Linux
Gentoo Linux
added 2004/12/19 12:0 a.m.77 views

PHP: Multiple vulnerabilities

Background PHP is a general-purpose scripting language widely used to develop web-based applications. It can run inside a web server using the modphp module or the CGI version of PHP, or can run stand-alone in a CLI. Description Stefan Esser and Marcus Boerger reported several different issues in...

10CVSS7.6AI score0.10042EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2021/07/20 12:0 a.m.76 views

libslirp: Multiple vulnerabilities

Background libslirp is a TCP/IP emulator used to provide virtual networking services. Description Multiple vulnerabilities have been discovered in libslirp. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround...

3.8CVSS2.6AI score0.00326EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2020/12/07 12:0 a.m.76 views

Linux-PAM: Authentication bypass

Background Linux-PAM Pluggable Authentication Modules is an architecture allowing the separation of the development of privilege granting software from the development of secure and appropriate authentication schemes. Description A flaw was found in Linux-Pam in the way it handle empty passwords...

10CVSS3AI score0.01959EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/04/22 12:0 a.m.76 views

unADF: Remote code execution

Background An unzip like for .ADF files. Description Multiple vulnerabilities were discovered in unADF that can lead to remote code execution. Please review the CVE identifiers referenced below for details. Impact A remote attacker, by enticing a user to process a specially crafted file, could...

9.8CVSS5AI score0.05282EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2018/02/20 12:0 a.m.76 views

Ruby: Command injection

Background Ruby is an interpreted object-oriented programming language. The elaborate standard library includes an HTTP server “WEBRick” and a class for XML parsing “REXML”. Description A command injection flaw was discovered in Net::FTP which impacts Ruby. Impact A remote attacker, by enticing a...

9.3CVSS8.7AI score0.73927EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2018/01/27 12:0 a.m.76 views

Fossil: User-assisted execution of arbitrary code

Background Fossil is a simple, high-reliability, distributed software configuration management system. Description Fossil does not properly validate SSH sync protocol URLs. Impact A remote attacker, by enticing a user to open a specially crafted URL, could possibly execute arbitrary commands with...

9.3CVSS9AI score0.02805EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2017/06/27 12:0 a.m.76 views

FreeRADIUS: Security bypass

Background FreeRADIUS is an open source RADIUS authentication server. Description It was discovered that the implementation of TTLS and PEAP in FreeRADIUS skips inner authentication when it handles a resumed TLS connection. The affected versions of FreeRADIUS fails to reliably prevent the...

9.8CVSS9.8AI score0.03914EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/08/30 12:0 a.m.76 views

QEMU: Multiple vulnerabilities

Background QEMU is a generic and open source machine emulator and virtualizer. Description Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details. Impact A local attacker could possibly execute arbitrary code with the privileges of th...

8.6CVSS8.7AI score0.02696EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2011/11/19 12:0 a.m.76 views

Chromium, V8: Multiple vulnerabilities

Background Chromium is an open-source web browser project. V8 is Google's open source JavaScript engine. Description Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact A context-dependent...

7.5CVSS10AI score0.02073EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2022/10/16 12:0 a.m.75 views

libvirt: Multiple Vulnerabilities

Background libvirt is a C toolkit for manipulating virtual machines. Description Multiple vulnerabilities have been discovered in libvirt. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

8.8CVSS2.7AI score0.01366EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2022/07/29 12:0 a.m.75 views

HashiCorp Vault: Multiple Vulnerabilities

Background HashiCorp Vault is a tool for managing secrets. Description Multiple vulnerabilities have been discovered in HashiCorp Vault. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

8.8CVSS1.7AI score0.01407EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/05/26 12:0 a.m.75 views

PHP: Multiple vulnerabilities

Background PHP is an open source general-purpose scripting language that is especially suited for web development. Description Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers and bugs referenced below for details. Impact Please review the referenced CVE...

7.5CVSS1.8AI score0.03179EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2021/03/31 12:0 a.m.75 views

Redis: Remote code execution

Background Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache and message broker. Description It was discovered that there were a number of integer overflow issues in Redis. Impact A remote attacker, able to connect to a Redis instance, could send a...

8.8CVSS4.7AI score0.047EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/03/31 12:0 a.m.75 views

SQLite: Remote code execution

Background SQLite is a C library that implements an SQL database engine. Description It was discovered that SQLite incorrectly handled certain sub-queries. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, or cause a Denial of Service condition...

5.5CVSS4.1AI score0.00496EPSS
Exploits0
Total number of security vulnerabilities3816