Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GentooLinux*

87 matches found

CVE
CVEadded 2005/03/07 5:0 a.m.53 views

CVE-2005-0667

Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message.

5.1CVSS7.6AI score0.0334EPSS
CVE
CVEadded 2014/07/29 2:55 p.m.53 views

CVE-2014-4909

Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.

6.8CVSS7.7AI score0.09187EPSS
CVE
CVEadded 2004/12/06 5:0 a.m.52 views

CVE-2004-0634

The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.

5CVSS6.1AI score0.10554EPSS
CVE
CVEadded 2004/12/06 5:0 a.m.52 views

CVE-2004-0635

The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.

5CVSS6.2AI score0.08502EPSS
CVE
CVEadded 2005/01/27 5:0 a.m.52 views

CVE-2004-0933

Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection v...

7.5CVSS6.4AI score0.30032EPSS
CVE
CVEadded 2005/01/27 5:0 a.m.52 views

CVE-2004-0936

RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

7.5CVSS6.4AI score0.132EPSS
CVE
CVEadded 2005/03/01 5:0 a.m.52 views

CVE-2004-1027

Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences.

5CVSS6.5AI score0.06284EPSS
CVE
CVEadded 2005/04/14 4:0 a.m.52 views

CVE-2004-1092

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory.

5CVSS6.3AI score0.00763EPSS
CVE
CVEadded 2008/02/29 2:44 a.m.52 views

CVE-2008-1078

expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1.

7.2CVSS6AI score0.00061EPSS
CVE
CVEadded 2005/02/09 5:0 a.m.51 views

CVE-2004-0937

Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target syst...

7.5CVSS6.4AI score0.132EPSS
CVE
CVEadded 2005/01/27 5:0 a.m.50 views

CVE-2004-0934

Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

7.5CVSS6.4AI score0.14187EPSS
CVE
CVEadded 2005/03/01 5:0 a.m.50 views

CVE-2004-1033

Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable.

2.1CVSS6AI score0.00071EPSS
CVE
CVEadded 2005/03/01 5:0 a.m.50 views

CVE-2004-1037

The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shell metacharacters in a search string.

10CVSS7.3AI score0.85829EPSS
CVE
CVEadded 2005/01/10 5:0 a.m.50 views

CVE-2004-1116

The init scripts in Great Internet Mersenne Prime Search (GIMPS) 23.9 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs.

7.2CVSS6.7AI score0.00046EPSS
CVE
CVEadded 2013/10/28 10:55 p.m.50 views

CVE-2010-1159

Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or (2) long EAPOL packet.

6.8CVSS7.8AI score0.26396EPSS
CVE
CVEadded 2013/11/18 2:55 a.m.50 views

CVE-2013-2032

MediaWiki before 1.19.6 and 1.20.x before 1.20.5 does not allow extensions to prevent password changes without using both Special:PasswordReset and Special:ChangePassword, which allows remote attackers to bypass the intended restrictions of an extension that only implements one of these blocks.

5CVSS7.5AI score0.01057EPSS
CVE
CVEadded 2004/12/06 5:0 a.m.49 views

CVE-2004-0633

The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.

5CVSS6.3AI score0.37279EPSS
CVE
CVEadded 2004/12/06 5:0 a.m.48 views

CVE-2004-0626

The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the...

5CVSS6.2AI score0.01738EPSS
CVE
CVEadded 2005/02/09 5:0 a.m.48 views

CVE-2004-0969

The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

2.1CVSS8.6AI score0.00122EPSS
CVE
CVEadded 2005/03/01 5:0 a.m.48 views

CVE-2004-1030

fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message.

2.1CVSS6AI score0.00071EPSS
CVE
CVEadded 2005/01/27 5:0 a.m.47 views

CVE-2004-0932

McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being...

7.5CVSS6.3AI score0.43585EPSS
CVE
CVEadded 2005/03/01 5:0 a.m.47 views

CVE-2004-1034

Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type header for a Real Audio Media (.ram) playlist file.

10CVSS7.9AI score0.0593EPSS
CVE
CVEadded 2005/01/10 5:0 a.m.47 views

CVE-2004-1117

The init scripts in ChessBrain 20407 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs.

7.2CVSS6.7AI score0.00046EPSS
CVE
CVEadded 2005/05/02 4:0 a.m.47 views

CVE-2005-1121

Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL.

5CVSS7.1AI score0.01029EPSS
CVE
CVEadded 2007/03/19 10:19 p.m.46 views

CVE-2007-1500

The Linux Security Auditing Tool (LSAT) allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using /tmp/lsat1.lsat.

4.3CVSS6.2AI score0.00063EPSS
CVE
CVEadded 2005/04/14 4:0 a.m.45 views

CVE-2004-1009

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.

5CVSS6.2AI score0.01288EPSS
CVE
CVEadded 2005/04/14 4:0 a.m.45 views

CVE-2004-1093

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory."

5CVSS6.3AI score0.0106EPSS
CVE
CVEadded 2006/01/04 12:3 a.m.45 views

CVE-2006-0071

The ebuild for pinentry before 0.7.2-r2 on Gentoo Linux sets setgid bits for pinentry programs, which allows local users to read or overwrite arbitrary files as gid 0.

6.6CVSS6.2AI score0.00053EPSS
CVE
CVEadded 2005/01/10 5:0 a.m.44 views

CVE-2004-1162

The unison command in scponly before 4.0 does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via the (1) -rshcmd or (2) -sshcmd flags.

7.5CVSS6.9AI score0.00651EPSS
CVE
CVEadded 2005/01/06 5:0 a.m.44 views

CVE-2004-1336

The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack.

2.1CVSS6.3AI score0.00064EPSS
CVE
CVEadded 2005/03/01 5:0 a.m.43 views

CVE-2004-1032

fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitrary files or create arbitrary empty files via a target filename with a large number of leading slash (/) characters such that fcronsighup does not properly append the intended fcrontab.sig to the res...

2.1CVSS6.2AI score0.00059EPSS
CVE
CVEadded 2005/01/10 5:0 a.m.43 views

CVE-2004-1115

The init scripts in Search for Extraterrestrial Intelligence (SETI) project 3.08-r3 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs.

7.2CVSS6.7AI score0.00046EPSS
CVE
CVEadded 2005/03/14 5:0 a.m.43 views

CVE-2005-0470

Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers to cause a denial of service (segmentation fault) via invalid EAPOL-Key packet data.

5CVSS6.8AI score0.01207EPSS
CVE
CVEadded 2008/03/18 10:44 p.m.42 views

CVE-2008-1383

The docert function in ssl-cert.eclass, when used by src_compile or src_install on Gentoo Linux, stores the SSL key in a binpkg, which allows local users to extract the key from the binpkg, and causes multiple systems that use this binpkg to have the same SSL key and certificate.

1.9CVSS6AI score0.00032EPSS
CVE
CVEadded 2005/03/01 5:0 a.m.38 views

CVE-2004-1031

fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but modifiable by the user, s...

7.2CVSS6.2AI score0.00047EPSS
CVE
CVEadded 2005/02/24 5:0 a.m.38 views

CVE-2005-0535

Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to perform unauthorized actions as authenticated MediaWiki users.

7.5CVSS6.6AI score0.00874EPSS
CVE
CVEadded 2005/01/10 5:0 a.m.37 views

CVE-2004-1107

dispatch-conf in Portage 2.0.51-r2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.

2.1CVSS6.3AI score0.00072EPSS
Total number of security vulnerabilities87