Lucene search
K
GentooRecent

3816 matches found

Gentoo Linux
Gentoo Linux
added 2024/06/22 12:0 a.m.22 views

GLib: Privilege Escalation

Background GLib is a library providing a number of GNOME's core objects and functions. Description A vulnerability has been discovered in GLib. Please review the CVE identifier referenced below for details. Impact When a GDBus-based client subscribes to signals from a trusted system service such ...

5.2CVSS6.9AI score0.00756EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2024/06/22 12:0 a.m.22 views

LZ4: Memory Corruption

Background LZ4 is a lossless compression algorithm, providing compression speed 500 MB/s per core, scalable with multi-cores CPU. It features an extremely fast decoder, with speed in multiple GB/s per core, typically reaching RAM speed limits on multi-core systems. Description An attacker who...

9.8CVSS9.7AI score0.03216EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/06/22 12:0 a.m.21 views

RDoc: Remote Code Execution

Background RDoc produces HTML and command-line documentation for Ruby projects. Description A vulnerability has been discovered in RDoc. Please review the CVE identifier referenced below for details. Impact When parsing .rdocoptions used for configuration in RDoc as a YAML file, object injection...

4.5CVSS8.3AI score0.01571EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/06/22 12:0 a.m.34 views

Flatpak: Sandbox Escape

Background Flatpak is a Linux application sandboxing and distribution framework. Description A vulnerability has been discovered in Flatpak. Please review the CVE identifier referenced below for details. Impact A malicious or compromised Flatpak app could execute arbitrary code outside its sandbo...

8.4CVSS7.7AI score0.00512EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2024/06/22 12:0 a.m.36 views

JHead: Multiple Vulnerabilities

Background JHead is an EXIF JPEG header manipulation tool. Description Multiple vulnerabilities have been discovered in JHead. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround a...

9.8CVSS7.7AI score0.01435EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2024/05/12 12:0 a.m.23 views

Rebar3: Command Injection

Background A sophisticated build-tool for Erlang projects that follows OTP principles. Description Rebar3 is vulnerable to OS command injection via the URL parameter of a dependency specification. Impact A vulnerability has been discovered in Rebar3. Please review the CVE identifier referenced...

10CVSS7.7AI score0.0675EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2024/05/12 12:0 a.m.27 views

PoDoFo: Multiple Vulnerabilities

Background PoDoFo is a free portable C++ library to work with the PDF file format. Description Please review the referenced CVE identifiers for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time. Resolution All PoDoFo use...

8.8CVSS7.3AI score0.0074EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2024/05/12 12:0 a.m.28 views

Kubelet: Privilege Escalation

Background Kubelet is a Kubernetes Node Agent. Description A vulnerability has been discovered in Kubelet. Please review the CVE identifier referenced below for details. Impact A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes...

8.8CVSS7.5AI score0.03578EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/05/12 12:0 a.m.28 views

Mozilla Thunderbird: Multiple Vulnerabilities

Background Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

8.8CVSS7.6AI score0.00937EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2024/05/08 12:0 a.m.21 views

qtsvg: Multiple Vulnerabilities

Background qtsvg is a SVG rendering library for the Qt framework. Description Multiple vulnerabilities have been discovered in qtsvg. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

6.5CVSS7.1AI score0.01343EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2024/05/08 12:0 a.m.27 views

Epiphany: Buffer Overflow

Background Epiphany is a GNOME webbrowser based on the Mozilla rendering engine Gecko. Description A vulnerability has been discovered in Epiphany. Please review the CVE identifier referenced below for details. Impact In GNOME Epiphany an HTML document can trigger a client buffer overflow in...

7.5CVSS7.5AI score0.01896EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/05/08 12:0 a.m.45 views

NVIDIA Drivers: Multiple Vulnerabilities

Background NVIDIA Drivers are NVIDIA's accelerated graphics driver. Description Multiple vulnerabilities have been discovered in NVIDIA Drivers. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

7.8CVSS7.6AI score0.00228EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/05/08 12:0 a.m.41 views

MariaDB: Multiple Vulnerabilities

Background MariaDB is an enhanced, drop-in replacement for MySQL. Description Multiple vulnerabilities have been discovered in MariaDB. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

7.8CVSS7.3AI score0.03726EPSS
Exploits40
Gentoo Linux
Gentoo Linux
added 2024/05/08 12:0 a.m.39 views

Commons-BeanUtils: Improper Access Restriction

Background Commons-beanutils provides easy-to-use wrappers around Reflection and Introspection APIs Description A vulnerability has been discovered in Commons-BeanUtils. Please review the CVE identifier referenced below for details. Impact Please review the referenced CVE identifiers for details...

7.5CVSS7.3AI score0.28839EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2024/05/08 12:0 a.m.25 views

U-Boot tools: double free vulnerability

Background U-Boot tools provides utiiities for working with Das U-Boot. Description A vulnerability has been discovered in U-Boot tools. Please review the CVE identifier referenced below for details. Impact In Das U-Boot a double free has been found in the cmd/gpt.c dorenamegptparts function...

10CVSS7.5AI score0.03701EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/05/08 12:0 a.m.103 views

Node.js: Multiple Vulnerabilities

Background Node.js is a JavaScript runtime built on Chrome’s V8 JavaScript engine. Description Multiple vulnerabilities have been discovered in Node.js. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround Ther...

9.8CVSS9.3AI score0.91153EPSS
Exploits30
Gentoo Linux
Gentoo Linux
added 2024/05/08 12:0 a.m.32 views

rsync: Multiple Vulnerabilities

Background rsync is a server and client utility that provides fast incremental file transfers. It is used to efficiently synchronize files between hosts and is used by emerge to fetch Gentoo's Portage tree. Description Multiple vulnerabilities have been discovered in rsync. Please review the CVE...

7.5CVSS10AI score0.51733EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2024/05/08 12:0 a.m.40 views

ytnef: Multiple Vulnerabilities

Background ytnef is a TNEF stream reader for reading winmail.dat files. Description The TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service and potentially code execution due to a double free which can be triggered via a crafted file. The SwapWord...

7.8CVSS7.5AI score0.0193EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2024/05/07 12:0 a.m.43 views

Xpdf: Multiple Vulnerabilities

Background Xpdf is an X viewer for PDF files. Description Multiple vulnerabilities have been discovered in Xpdf. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...

7.8CVSS7.7AI score0.02057EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2024/05/07 12:0 a.m.36 views

libjpeg-turbo: Multiple Vulnerabilities

Background libjpeg-turbo is a MMX, SSE, and SSE2 SIMD accelerated JPEG library. Description Multiple vulnerabilities have been discovered in libjpeg-turbo. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround...

8.8CVSS7.6AI score0.02728EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2024/05/07 12:0 a.m.24 views

xar: Unsafe Extraction

Background xar provides an easily extensible archive format. Description A vulnerability has been discovered in xar. Please review the CVE identifier referenced below for details. Impact xar allows for a forward-slash separated path to be specified in the file name property, e.g. x/foo – as long ...

5.5CVSS6.7AI score0.42674EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/05/06 12:0 a.m.59 views

glibc: Multiple Vulnerabilities

Background glibc is a package that contains the GNU C library. Description Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workarou...

8.1CVSS7.6AI score0.8833EPSS
Exploits16
Gentoo Linux
Gentoo Linux
added 2024/05/05 12:0 a.m.33 views

Pillow: Multiple Vulnerabilities

Background The friendly PIL fork. Description Multiple vulnerabilities have been discovered in Pillow. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time. Resolution...

8.1CVSS8.7AI score0.01703EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/05/05 12:0 a.m.34 views

QtWebEngine: Multiple Vulnerabilities

Background QtWebEngine is a library for rendering dynamic web content in Qt5 and Qt6 C++ and QML applications. Description Multiple vulnerabilities have been discovered in QtWebEngine. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...

9.8CVSS7.7AI score0.0152EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/05/05 12:0 a.m.18 views

borgmatic: Shell Injection

Background borgmatic is simple, configuration-driven backup software for servers and workstations. Description Prevent shell injection attacks within the PostgreSQL hook, the MongoDB hook, the SQLite hook, the "borgmatic borg" action, and command hook variable/constant interpolation. Impact Shell...

8.3AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/05/05 12:0 a.m.31 views

MIT krb5: Multiple Vulnerabilities

Background MIT krb5 is the free implementation of the Kerberos network authentication protocol by the Massachusetts Institute of Technology. Description Multiple vulnerabilities have been discovered in MIT krb5. Please review the CVE identifiers referenced below for details. Impact Please review...

8.8CVSS10AI score0.10276EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2024/05/05 12:0 a.m.31 views

Setuptools: Denial of Service

Background Setuptools is a manager for Python packages. Description A vulnerability has been discovered in Setuptools. See the impact field. Impact An inefficiency in a regular expression may end in a denial of service if an user is fetching malicious HTML from a package in PyPI or a custom...

5.9CVSS8.7AI score0.02617EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2024/05/05 12:0 a.m.51 views

Apache Commons BCEL: Remote Code Execution

Background The Byte Code Engineering Library Apache Commons BCEL™ is intended to give users a convenient way to analyze, create, and manipulate binary Java class files those ending with .class. Description A vulnerability has been discovered in U-Boot tools. Please review the CVE identifier...

9.8CVSS8.2AI score0.17673EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2024/05/05 12:0 a.m.29 views

Mozilla Firefox: Multiple Vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

9.8CVSS7.1AI score0.00937EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2024/05/04 12:0 a.m.15 views

MediaInfo, MediaInfoLib: Multiple Vulnerabilities

Background MediaInfo supplies technical and tag information about media files. MediaInfoLib contains MediaInfo libraries. Description Multiple vulnerabilities have been discovered in MediaInfo and MediaInfoLib. Please review the CVE identifiers referenced below for details. Impact Please review t...

7.4AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/05/04 12:0 a.m.31 views

mujs: Multiple Vulnerabilities

Background mujs is an embeddable Javascript interpreter in C. Description Multiple vulnerabilities have been discovered in mujs. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround...

9.8CVSS7.4AI score0.02248EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2024/05/04 12:0 a.m.60 views

HTMLDOC: Multiple Vulnerabilities

Background HTMLDOC is a HTML indexer and HTML to PS and PDF converter. Description Multiple vulnerabilities have been discovered in HTMLDOC. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no know...

10CVSS7.5AI score0.07349EPSS
Exploits20
Gentoo Linux
Gentoo Linux
added 2024/05/04 12:0 a.m.25 views

strongSwan: Multiple Vulnerabilities

Background strongSwan is an IPSec implementation for Linux. Description Multiple vulnerabilities have been discovered in strongSwan. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

9.8CVSS7.6AI score0.04804EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/05/04 12:0 a.m.36 views

Python, PyPy3: Multiple Vulnerabilities

Background Python is an interpreted, interactive, object-oriented, cross-platform programming language. Description Multiple vulnerabilities have been discovered in Python, PyPy3. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers f...

7.8CVSS7.7AI score0.20459EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2024/05/04 12:0 a.m.39 views

Dalli: Code Injection

Background Dalli is a high performance pure Ruby client for accessing memcached servers. Description A vulnerability was found in Dalli. Affected is the function self.metaset of the file lib/dalli/protocol/meta/requestformatter.rb of the component Meta Protocol Handler. The manipulation leads to...

6.3CVSS7.2AI score0.01284EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2024/05/04 12:0 a.m.64 views

MPlayer: Multiple Vulnerabilities

Background MPlayer is a media player capable of handling multiple multimedia file formats. Description Multiple vulnerabilities have been discovered in MPlayer. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

7.8CVSS7.3AI score0.00358EPSS
Exploits13
Gentoo Linux
Gentoo Linux
added 2024/05/04 12:0 a.m.27 views

systemd: Multiple Vulnerabilities

Background A system and service manager. Description Multiple vulnerabilities have been discovered in systemd. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...

5.5CVSS10AI score0.00867EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2024/05/04 12:0 a.m.47 views

ImageMagick: Multiple Vulnerabilities

Background ImageMagick is a software suite to create, edit, and compose bitmap images, that can also read, write, and convert images in many other formats. Description Multiple vulnerabilities have been discovered in ImageMagick. Please review the CVE identifiers referenced below for details...

7.8CVSS7.1AI score0.89855EPSS
Exploits37
Gentoo Linux
Gentoo Linux
added 2024/03/29 12:0 a.m.36 views

XZ utils: Backdoor in release tarballs

Background XZ Utils is free general-purpose data compression software with a high compression ratio. Description A backdoor has been discovered in XZ utils. Please review the CVE identifier referenced below for details. Impact Our current understanding of the backdoor is that is does not affect...

10CVSS9.7AI score0.85974EPSS
Exploits40
Gentoo Linux
Gentoo Linux
added 2024/03/03 12:0 a.m.22 views

Blender: Multiple Vulnerabilities

Background Blender is a 3D Creation/Animation/Publishing System. Description Multiple vulnerabilities have been discovered in Blender. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

7.8CVSS7.3AI score0.01135EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/03/03 12:0 a.m.32 views

Tox: Remote Code Execution

Background Tox is easy-to-use software that connects you with friends and family without anyone else listening in. Description A vulnerability has been discovered in btrbk. Please review the CVE identifier referenced below for details. Impact A stack-based buffer overflow allows remote attackers ...

9.8CVSS8.4AI score0.03954EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2024/03/03 12:0 a.m.30 views

UltraJSON: Multiple Vulnerabilities

Background UltraJSON is an ultra fast JSON encoder and decoder written in pure C with bindings for Python 3.8+. Description Affected versions were found to improperly decode certain characters. JSON strings that contain escaped surrogate characters not part of a proper surrogate pair were decoded...

7.5CVSS6.9AI score0.02283EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2024/02/26 12:0 a.m.19 views

btrbk: Remote Code Execution

Background btrbk is a backup tool for btrfs subvolumes, taking advantage of btrfs specific capabilities to create atomic snapshots and transfer them incrementally to your backup locations. Description A vulnerability has been discovered in btrbk. Please review the CVE identifier referenced below...

9.8CVSS7.2AI score0.03155EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/02/26 12:0 a.m.30 views

GNU Aspell: Heap Buffer Overflow

Background GNU Aspell is a popular spell-checker. Dictionaries are available for many languages. Description Multiple vulnerabilities have been discovered in GNU Aspell. Please review the CVE identifiers referenced below for details. Impact GNU Aspell has a heap-based buffer overflow in...

7.8CVSS7.8AI score0.00549EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/02/26 12:0 a.m.9 views

Glances: Arbitrary Code Execution

Background Glances is an open-source system cross-platform monitoring tool. It allows real-time monitoring of various aspects of your system such as CPU, memory, disk, network usage etc. Description A vulnerability in XML parsing may lead to a variety of XML attacks. Impact A vulnerability in XML...

7.2AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/02/26 12:0 a.m.77 views

PyYAML: Arbitrary Code Execution

Background PyYAML is a YAML parser and emitter for Python. Description A vulnerability has been discovered in PyYAML. Please review the CVE identifier referenced below for details. Impact A vulnerability was discovered in the PyYAML library, where it is susceptible to arbitrary code execution whe...

10CVSS8.3AI score0.05984EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2024/02/21 12:0 a.m.28 views

LibreOffice: Multiple Vulnerabilities

Background LibreOffice is a powerful office suite; its clean interface and powerful tools let you unleash your creativity and grow your productivity. Description Multiple vulnerabilities have been discovered in LibreOffice. Please review the CVE identifiers referenced below for details. Impact...

8.8CVSS7.6AI score0.01017EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/02/19 12:0 a.m.12 views

Seamonkey: Multiple Vulnerabilities

Background The Seamonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the ‘Mozilla Application Suite’. Description Multiple vulnerabilities have been discovered in Seamonkey. Please review the CVE identifiers reference...

7.8AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2024/02/19 12:0 a.m.45 views

Samba: Multiple Vulnerabilities

Background Samba is a suite of SMB and CIFS client/server programs. Description Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

9.8CVSS7.7AI score0.62606EPSS
Exploits2
Gentoo Linux
Gentoo Linux
added 2024/02/19 12:0 a.m.19 views

Glade: Denial of Service

Background Glade is a RAD tool to enable quick & easy development of user interfaces for the GTK+ toolkit Version 3 only and the GNOME desktop environment. Description A vulnerability has been found in Glade which can lead to a denial of service when working with specific glade files. Impact A...

5.5CVSS5.4AI score0.00214EPSS
Exploits0
Total number of security vulnerabilities3816