gentoo linux vulnerabilities and exploits
8.8
CVSSv3
CVE-2020-5208
It's been found that multiple functions in ipmitool prior to 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitoo...
Ipmitool Project Ipmitool 1.8.18
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.1
7.8
CVSSv3
CVE-2019-19882
shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing -...
Shadow Project Shadow 4.8
5.9
CVSSv3
CVE-2023-48795
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH prior to 9.6 and other products, allows remote malicious users to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may conseque...
Openbsd Openssh
Putty Putty
Filezilla-project Filezilla Client
Microsoft Powershell
Panic Transmit 5
Panic Nova
Roumenpetrov Pkixssh
Winscp Winscp
Bitvise Ssh Client
Bitvise Ssh Server
Lancom-systems Lcos
Lancom-systems Lcos Fx -
Lancom-systems Lcos Lx -
Lancom-systems Lcos Sx 5.20
Lancom-systems Lcos Sx 4.20
Lancom-systems Lanconfig -
Vandyke Securecrt
Libssh Libssh
Net-ssh Net-ssh 7.2.0
Ssh2 Project Ssh2
Proftpd Proftpd
Freebsd Freebsd
8 Github repositories
1 Article
5.5
CVSSv3
CVE-2004-1901
Portage prior to 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles.
Gentoo Linux 1.4
Gentoo Portage
Gentoo Portage 2.0.50
NA
CVE-2014-4909
Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission prior to 2.84 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 14.04
Gentoo Linux
Fedoraproject Fedora 20
Canonical Ubuntu Linux 12.04
Transmissionbt Transmission 2.75
Transmissionbt Transmission 2.74
Transmissionbt Transmission 2.52
Transmissionbt Transmission 2.51
Transmissionbt Transmission 2.31
Transmissionbt Transmission 2.30
Transmissionbt Transmission 2.04
Transmissionbt Transmission 2.03
Transmissionbt Transmission 1.90
Transmissionbt Transmission 1.83
Transmissionbt Transmission 1.74
Transmissionbt Transmission 1.73
Transmissionbt Transmission 1.52
Transmissionbt Transmission 1.51
Transmissionbt Transmission 1.32
Transmissionbt Transmission 1.31
Transmissionbt Transmission 1.10
NA
CVE-2013-0348
thttpd.c in sthttpd prior to 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.
Open Source Development Team Sthttpd 2.26.3
Open Source Development Team Sthttpd 2.26
Open Source Development Team Sthttpd 2.26.1
Open Source Development Team Sthttpd 2.26.2
Open Source Development Team Sthttpd
Fedoraproject Fedora 17
Fedoraproject Fedora 18
Opensuse Opensuse 12.3
Opensuse Opensuse 12.2
Gentoo Linux
Opensuse Opensuse 13.1
Acme Thttpd 2.25
NA
CVE-2013-2032
MediaWiki prior to 1.19.6 and 1.20.x prior to 1.20.5 does not allow extensions to prevent password changes without using both Special:PasswordReset and Special:ChangePassword, which allows remote malicious users to bypass the intended restrictions of an extension that only implem...
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.18.3
Mediawiki Mediawiki 1.18.1
Mediawiki Mediawiki 1.18.0
Mediawiki Mediawiki 1.17.2
Mediawiki Mediawiki 1.17.0
Mediawiki Mediawiki 1.16.0
Mediawiki Mediawiki 1.15.1
Mediawiki Mediawiki 1.15.0
Mediawiki Mediawiki 1.14.0
Mediawiki Mediawiki 1.13.1
Mediawiki Mediawiki 1.13.0
Mediawiki Mediawiki 1.12.0
Mediawiki Mediawiki 1.11.1
Mediawiki Mediawiki 1.10.3
Mediawiki Mediawiki 1.10.1
Mediawiki Mediawiki 1.10.0
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.17
Mediawiki Mediawiki 1.16.2
NA
CVE-2013-2031
MediaWiki prior to 1.19.6 and 1.20.x prior to 1.20.5 allows remote malicious users to conduct cross-site scripting (XSS) attacks, as demonstrated by a CDATA section containing valid UTF-7 encoded sequences in an SVG file, which is then incorrectly interpreted as UTF-8 by Chrome an...
Gentoo Linux
Mediawiki Mediawiki
Mediawiki Mediawiki 1.19.4
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.18.3
Mediawiki Mediawiki 1.17.3
Mediawiki Mediawiki 1.17.2
Mediawiki Mediawiki 1.16.1
Mediawiki Mediawiki 1.16.0
Mediawiki Mediawiki 1.15.2
Mediawiki Mediawiki 1.15.1
Mediawiki Mediawiki 1.15.0
Mediawiki Mediawiki 1.13.2
Mediawiki Mediawiki 1.13.1
Mediawiki Mediawiki 1.12.1
Mediawiki Mediawiki 1.12.0
Mediawiki Mediawiki 1.20.4
Mediawiki Mediawiki 1.20.3
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.18.0
Mediawiki Mediawiki 1.18
NA
CVE-2010-1159
Multiple heap-based buffer overflows in Aircrack-ng prior to 1.1 allow remote malicious users to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or (2) long EAPOL packet.
Aircrack-ng Aircrack-ng
Aircrack-ng Aircrack-ng 1.0
Aircrack-ng Aircrack-ng 0.5
Aircrack-ng Aircrack-ng 0.4.4
Aircrack-ng Aircrack-ng 0.4.3
Aircrack-ng Aircrack-ng 0.4.2
Aircrack-ng Aircrack-ng 0.9.2
Aircrack-ng Aircrack-ng 0.9.1
Aircrack-ng Aircrack-ng 0.9
Aircrack-ng Aircrack-ng 0.8
Aircrack-ng Aircrack-ng 0.2
Aircrack-ng Aircrack-ng 0.1
Gentoo Linux
Aircrack-ng Aircrack-ng 0.6.2
Aircrack-ng Aircrack-ng 0.6
Aircrack-ng Aircrack-ng 0.4.1
Aircrack-ng Aircrack-ng 0.3
Aircrack-ng Aircrack-ng 0.9.3
Aircrack-ng Aircrack-ng 0.7
Aircrack-ng Aircrack-ng 0.6.1
Aircrack-ng Aircrack-ng 0.4
Aircrack-ng Aircrack-ng 0.2.1
1 EDB exploit
NA
CVE-2012-0056
The mem_write function in the Linux kernel prior to 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc/<pid>/mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper.
Linux Linux Kernel
2 EDB exploits
25 Github repositories
1 Article