Lucene search
K
GentooRecent

3816 matches found

Gentoo Linux
Gentoo Linux
added 2022/08/10 12:0 a.m.79 views

Mozilla Thunderbird: Multiple Vulnerabilities

Background Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

10CVSS2.7AI score0.26709EPSS
Exploits33
Gentoo Linux
Gentoo Linux
added 2022/08/10 12:0 a.m.55 views

Mozilla Firefox: Multiple Vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

9.8CVSS8.2AI score0.26709EPSS
Exploits23
Gentoo Linux
Gentoo Linux
added 2022/08/04 12:0 a.m.41 views

Babel: Remote code execution

Background Babel is a collection of tools for internationalizing Python applications. Description Babel does not properly restrict which sources a locale can be loaded from. If Babel loads an attacker-controlled .dat file, arbitrary code execution can be achieved via unsafe Pickle deserialization...

4.6AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2022/08/04 12:0 a.m.98 views

Go: Multiple Vulnerabilities

Background Go is an open source programming language that makes it easy to build simple, reliable, and efficient software. Description Multiple vulnerabilities have been discovered in Go. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...

9.8CVSS8.5AI score0.10299EPSS
Exploits12
Gentoo Linux
Gentoo Linux
added 2022/08/04 12:0 a.m.35 views

libmcpp: Denial of service

Background libmcpp is a portable C/C++ preprocessor. Description A buffer overflow and an out-of-bounds read vulnerability have been discovered in libmcpp, which could be exploited for denial of service. Impact An attacker that can provide crafted input to libmcpp could achieve denial of service...

5.5CVSS4.3AI score0.01569EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2022/08/04 12:0 a.m.43 views

3MF Consortium lib3mf: Remote code execution

Background lib3mf is an implementation of the 3D Manufacturing Format file standard. Description Incorrect memory handling within lib3mf could result in a use-after-free. Impact An attacker that can provide malicious input to an application using 3MF Consortium's lib3mf could achieve remote code...

8.1CVSS3.9AI score0.04339EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2022/08/04 12:0 a.m.189 views

Icinga Web 2: Multiple Vulnerabilities

Background Icinga Web 2 is a frontend for icinga2. Description Multiple vulnerabilities have been discovered in Icinga Web 2. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at...

8.8CVSS3.5AI score0.89378EPSS
Exploits14
Gentoo Linux
Gentoo Linux
added 2022/07/29 12:0 a.m.75 views

HashiCorp Vault: Multiple Vulnerabilities

Background HashiCorp Vault is a tool for managing secrets. Description Multiple vulnerabilities have been discovered in HashiCorp Vault. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

8.8CVSS1.7AI score0.01407EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2022/02/21 12:0 a.m.65 views

Mozilla Firefox: Multiple vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

10CVSS2.9AI score0.0383EPSS
Exploits18
Gentoo Linux
Gentoo Linux
added 2022/02/20 12:0 a.m.40 views

Chromium, Google Chrome: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one, fast, simple, and secure browser for all your devices. Description Multiple vulnerabilities have been discovered in Chromium and...

9.6CVSS2AI score0.23546EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2022/02/01 12:0 a.m.70 views

WebkitGTK+: Multiple vulnerabilities

Background WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Description Multiple vulnerabilities have been discovered in WebkitGTK+. Please review the CVE...

9.8CVSS2.6AI score0.13486EPSS
Exploits9
Gentoo Linux
Gentoo Linux
added 2022/01/31 12:0 a.m.72 views

Chromium, Google Chrome: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one, fast, simple, and secure browser for all your devices. Description Multiple vulnerabilities have been discovered in Chromium and...

9.6CVSS8.2AI score0.85352EPSS
Exploits75
Gentoo Linux
Gentoo Linux
added 2022/01/27 12:0 a.m.103 views

Polkit: Local privilege escalation

Background polkit is a toolkit for managing policies related to unprivileged processes communicating with privileged process. Description Flawed input validation of arguments was discovered in the 'pkexec' program's main function. Impact A local attacker could achieve root privilege escalation...

7.8CVSS2.7AI score0.94921EPSS
Exploits151
Gentoo Linux
Gentoo Linux
added 2021/07/24 12:0 a.m.103 views

libyang: Multiple vulnerabilities

Background YANG data modeling language library. Description Multiple vulnerabilities have been discovered in libyang. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this...

7.5CVSS2.7AI score0.02425EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2021/07/24 12:0 a.m.109 views

Leptonica: Multiple vulnerabilities

Background Leptonica is a C library for image processing and analysis. Description Multiple vulnerabilities have been discovered in Leptonica. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

7.5CVSS2.8AI score0.02871EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2021/07/24 12:0 a.m.111 views

SDL 2: Multiple vulnerabilities

Background Simple DirectMedia Layer is a cross-platform development library designed to provide low level access to audio, keyboard, mouse, joystick, and graphics hardware via OpenGL and Direct3D. Description Multiple vulnerabilities have been discovered in SDL 2. Please review the CVE identifier...

7.8CVSS3.7AI score0.01666EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/23 12:0 a.m.60 views

IcedTeaWeb: Multiple vulnerabilities

Background FOSS Java browser plugin and Web Start implementation. Description Multiple vulnerabilities have been discovered in IcedTeaWeb. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

8.6CVSS3.2AI score0.04022EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/23 12:0 a.m.80 views

Apache Velocity: Multiple vulnerabilities

Background Apache Velocity is a general purpose template engine. Description Multiple vulnerabilities have been discovered in Apache Velocity. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

9CVSS3.1AI score0.22709EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/22 12:0 a.m.71 views

Chromium, Google Chrome: Multiple vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Description Multiple vulnerabilities have been discovered in chromium, and...

8.8CVSS1.9AI score0.21623EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2021/07/22 12:0 a.m.69 views

Singularity: Remote code execution

Background Singularity is the container platform for performance sensitive workloads. Description Singularity always uses the default remote endpoint, ‘cloud.syslabs.io’, for action commands using the ‘library://’ URI rather than the configured remote endpoint. Impact An attacker that that can pu...

6.8CVSS6.6AI score0.01415EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/20 12:0 a.m.76 views

mpv: Format string vulnerability

Background Video player based on MPlayer/mplayer2. Description mpv uses untrusted input within format strings. Impact A remote attacker could entice a user to open a specially crafted m3u playlist file using mpv, possibly resulting in execution of arbitrary code with the privileges of the process...

7.8CVSS3.9AI score0.02409EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2021/07/20 12:0 a.m.37 views

systemd: Multiple vulnerabilities

Background A system and service manager. Description Multiple vulnerabilities have been discovered in systemd. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...

6.1CVSS3.1AI score0.0865EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2021/07/20 12:0 a.m.90 views

RPM: Multiple vulnerabilities

Background The Red Hat Package Manager RPM is a command line driven package management system capable of installing, uninstalling, verifying, querying, and updating computer software packages. Description Multiple vulnerabilities have been discovered in RPM. Please review the CVE identifiers...

7CVSS2.5AI score0.01706EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/20 12:0 a.m.68 views

libpano13: Format string vulnerability

Background libpano13 is Helmut Dersch’s panorama toolbox library. Description A format string issue exists within panoFileOutputNamesCreate where unvalidated input is passed directly into the formatter. Impact A remote attacker could entice a user to open a specially crafted file using libpano1...

9.8CVSS9.7AI score0.01941EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/20 12:0 a.m.77 views

PJSIP: Multiple vulnerabilities

Background PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Description Multiple vulnerabilities have been discovered in PJSIP. Please review the CVE identifiers referenced belo...

6.8CVSS1.9AI score0.02088EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2021/07/20 12:0 a.m.76 views

libslirp: Multiple vulnerabilities

Background libslirp is a TCP/IP emulator used to provide virtual networking services. Description Multiple vulnerabilities have been discovered in libslirp. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround...

3.8CVSS2.6AI score0.00326EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/20 12:0 a.m.82 views

PyCharm Community, Professional: Remote code execution

Background PyCharm is the Python IDE for professional developers. Description Insufficient validation exists within PyCharm’s checks for fetching projects from VCS. Impact If a victim can be enticed into fetching a VCS project via PyCharm, a remote attacker could achieve remote code execution...

7.8CVSS8.2AI score0.00847EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2021/07/18 12:0 a.m.81 views

Dovecot: Multiple vulnerabilities

Background Dovecot is an open source IMAP and POP3 email server. Description Multiple vulnerabilities have been discovered in Dovecot. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

7.5CVSS2.6AI score0.02837EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/17 12:0 a.m.115 views

MediaWiki: Multiple vulnerabilities

Background MediaWiki is a collaborative editing software used by large projects such as Wikipedia. Description Multiple vulnerabilities have been discovered in MediaWiki. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for detail...

7.5CVSS3.4AI score0.01943EPSS
Exploits7
Gentoo Linux
Gentoo Linux
added 2021/07/17 12:0 a.m.139 views

Apache Commons FileUpload: Multiple vulnerabilities

Background The Apache Commons FileUpload package makes it easy to add robust, high-performance, file upload capability to your servlets and web applications. Description Multiple vulnerabilities have been discovered in Apache Commons FileUpload. Please review the CVE identifiers referenced below...

7.8CVSS7.9AI score0.83175EPSS
Exploits9
Gentoo Linux
Gentoo Linux
added 2021/07/17 12:0 a.m.162 views

Apache: Multiple vulnerabilities

Background The Apache HTTP server is one of the most popular web servers on the Internet. Description Multiple vulnerabilities have been discovered in Apache. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaroun...

9.8CVSS2AI score0.68067EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/16 12:0 a.m.131 views

Apache Commons Collections: Remote code execution

Background Apache Commons Collections extends the JCF classes with new interfaces, implementations and utilities. Description Some classes in the Apache Commons Collections functor package deserialized potentially untrusted input by default. Impact Deserializing untrusted input using Apache Commo...

9.8CVSS5.7AI score0.17741EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2021/07/15 12:0 a.m.78 views

FluidSynth: Remote code execution

Background FluidSynth is a real-time synthesizer based on the Soundfont 2 specifications. Description FluidSynth contains a use-after-free in sfloader/fluidsffile.c which occurs when parsing Soundfile 2 files. Impact A remote attacker could entice a user to open a specially crafted Soundfont 2 fi...

5AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/15 12:0 a.m.113 views

urllib3: Multiple vulnerabilities

Background The urllib3 library is an HTTP library with thread-safe connection pooling, file post, and more. Description Multiple vulnerabilities have been discovered in urllib3. Please review the CVE identifiers referenced below for details. Impact An attacker could cause a possible Denial of...

7.5CVSS0.9AI score0.03273EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/15 12:0 a.m.66 views

OpenSCAD: Buffer overflow

Background OpenSCAD is the programmer’s solid 3D CAD modeller. Description A buffer overflow exists in OpenSCAD when parsing STL files. Impact A remote attacker could entice a user to open a specially crafted STL file using OpenSCAD, possibly resulting in execution of arbitrary code with the...

8.8CVSS8.2AI score0.01956EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2021/07/14 12:0 a.m.57 views

Apache Thrift: Multiple vulnerabilities

Background Apache Thrift is a software framework that combines a software stack with a code generation engine to build services that work efficiently and seamlessly between many languages. Description Multiple vulnerabilities have been discovered in Apache Thrift. Please review the CVE identifier...

7.8CVSS3.3AI score0.09082EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/14 12:0 a.m.52 views

Pillow: Multiple vulnerabilities

Background Python Imaging Library fork Description Multiple vulnerabilities have been discovered in Pillow. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...

9.8CVSS3.6AI score0.04851EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/13 12:0 a.m.71 views

polkit: Privilege escalation

Background polkit is a toolkit for managing policies related to unprivileged processes communicating with privileged process. Description The function polkitsystembusnamegetcredssync was called without checking for error, and as such temporarily treats the authentication request as coming from...

7.8CVSS3.2AI score0.22193EPSS
Exploits37
Gentoo Linux
Gentoo Linux
added 2021/07/12 12:0 a.m.133 views

Xen: Multiple vulnerabilities

Background Xen is a bare-metal hypervisor. Description Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...

8.8CVSS7.7AI score0.01428EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/12 12:0 a.m.104 views

GNU Chess: Buffer overflow

Background GNU Chess is a console based chess interfae. Description The cmdpgnload and cmdpgnreplay functions in cmd.cc in GNU Chess to not sufficiently validate PGN file input, potentially resulting in a buffer overflow. Impact A remote attacker could entice a user to open a specially crafted PG...

7.8CVSS4.5AI score0.01769EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2021/07/12 12:0 a.m.82 views

ConnMan: Multiple vulnerabilities

Background ConnMan provides a daemon for managing Internet connections. Description Multiple vulnerabilities have been discovered in connman. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no kno...

9.8CVSS2.9AI score0.02863EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2021/07/11 12:0 a.m.150 views

OpenEXR: Multiple vulnerabilities

Background OpenEXR is a high dynamic-range HDR image file format developed by Industrial Light & Magic for use in computer imaging applications. Description Multiple vulnerabilities have been discovered in OpenEXR. Please review the CVE identifiers referenced below for details. Impact Please revi...

5.5CVSS7.1AI score0.01848EPSS
Exploits8
Gentoo Linux
Gentoo Linux
added 2021/07/10 12:0 a.m.96 views

Tor: Multiple vulnerabilities

Background Tor is an implementation of second generation Onion Routing, a connection-oriented anonymizing communication service. Description Multiple vulnerabilities have been discovered in Tor. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CV...

7.5CVSS2.8AI score0.02721EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/10 12:0 a.m.119 views

Docker: Multiple vulnerabilities

Background Docker is the world’s leading software containerization platform. Description Multiple vulnerabilities have been discovered in Docker. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

6.8CVSS7.7AI score0.03287EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/10 12:0 a.m.118 views

runC: Container breakout

Background runC is a CLI tool for spawning and running containers according to the OCI specification. Description A vulnerability in runC could allow an attacker to achieve privilege escalation if specific mount configuration prerequisites are satisfied. Impact An attacker may be able to escalati...

8.5CVSS8.5AI score0.06604EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/10 12:0 a.m.134 views

Binutils: Multiple vulnerabilities

Background The GNU Binutils are a collection of tools to create, modify and analyse binary files. Many of the files use BFD, the Binary File Descriptor library, to do low-level manipulation. Description Multiple vulnerabilities have been discovered in Binutils. Please review the CVE identifiers...

7.8CVSS7.1AI score0.01976EPSS
Exploits14
Gentoo Linux
Gentoo Linux
added 2021/07/09 12:0 a.m.91 views

Redis: Multiple vulnerabilities

Background Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache and message broker. Description Multiple vulnerabilities have been discovered in Redis. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CV...

8.8CVSS2.1AI score0.04028EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/09 12:0 a.m.72 views

InspIRCd: Information disclosure

Background InspIRCd is a modular Internet Relay Chat IRC server written in C++ which was created from scratch to be stable, modern and lightweight. Description InspIRCd incorrectly handled malformed PONG messages, resulting in access of freed memory. Impact A remote attacker could send crafted...

4.3CVSS2.4AI score0.0089EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2021/07/09 12:0 a.m.100 views

Wireshark: Multiple vulnerabilities

Background Wireshark is a network protocol analyzer formerly known as ethereal. Description Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There...

8.8CVSS3.4AI score0.03639EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2021/07/08 12:0 a.m.35 views

Jinja: Denial of service

Background Jinja is a template engine written in pure Python. Description The ‘urlize’ filter in Jinja utilized an inefficient regular expression that could be exploited to consume excess CPU. Impact An attacker could cause a Denial of Service condition via crafted input to the ‘urlize’ Jinja...

5.3CVSS5.9AI score0.03546EPSS
Exploits1
Total number of security vulnerabilities3816