Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gentoo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-3005
The JPEG library in media-libs/jpeg prior to 6b-r7 on Gentoo Linux is built without the -maxmem feature, which could allow context-dependent malicious users to cause a denial of service (memory exhaustion) via a crafted JPEG file that exceeds the intended memory limits.
Gentoo Media-libs Jpeg 6b
Gentoo Linux
NA
CVE-2006-0071
The ebuild for pinentry prior to 0.7.2-r2 on Gentoo Linux sets setgid bits for pinentry programs, which allows local users to read or overwrite arbitrary files as gid 0.
Gentoo App-crypt Pinentry 0.7.2
Gentoo Linux
NA
CVE-2004-0456
Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header.
Pavuk Pavuk 0.9pl28i
Pavuk Pavuk 0.928r1
Debian Debian Linux 3.0
Gentoo Linux 1.4
Gentoo Linux 1.1a
Gentoo Linux 1.2
NA
CVE-2004-0386
Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and previous versions, 0.90, and 0.91 allows remote malicious users to execute arbitrary code via a long Location header.
Mplayer Mplayer 0.90 Pre
Mplayer Mplayer 0.90 Rc
Mplayer Mplayer 0.90
Mplayer Mplayer 0.91
Mplayer Mplayer 1.0 Pre1
Mplayer Mplayer 1.0 Pre2
Mplayer Mplayer 1.0 Pre3
Gentoo Linux 0.7
Gentoo Linux 1.1a
Gentoo Linux 0.5
Gentoo Linux 1.4
Mandrakesoft Mandrake Linux 10.0
Mandrakesoft Mandrake Linux 9.2
Gentoo Linux 1.2
1 EDB exploit
NA
CVE-2004-0749
The mod_authz_svn module in Subversion 1.0.7 and previous versions does not properly restrict access to all metadata on unreadable paths, which could allow remote malicious users to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other comman...
Subversion Subversion 1.0.1
Subversion Subversion 1.0.2
Subversion Subversion 1.1.0 Rc3
Subversion Subversion 1.0.3
Subversion Subversion 1.0.4
Subversion Subversion 1.0.5
Subversion Subversion 1.0.6
Subversion Subversion 1.0.7
Subversion Subversion 1.0
Subversion Subversion 1.1.0 Rc1
Subversion Subversion 1.1.0 Rc2
Gentoo Linux 1.4
Gentoo Linux 0.5
Gentoo Linux 0.7
Gentoo Linux 1.1a
Gentoo Linux 1.2
9.8
CVSSv3
CVE-2023-28424
Soko if the code that powers packages.gentoo.org. Prior to version 1.0.2, the two package search handlers, `Search` and `SearchFeed`, implemented in `pkg/app/handler/packages/search.go`, are affected by a SQL injection via the `q` parameter. As a result, unauthenticated attackers...
Gentoo Soko
9.1
CVSSv3
CVE-2023-26033
Gentoo soko is the code that powers packages.gentoo.org. Versions before 1.0.1 are vulnerable to SQL Injection, leading to a Denial of Service. If the user selects (in user preferences) the "Recently Visited Packages" view for the index page, the value of the `search_hi...
Gentoo Soko
5.5
CVSSv3
CVE-2019-20384
Gentoo Portage up to and including 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64/nagios/plugins directory by leveraging access to the nagios user account, because this directory is writable in between a call to emake and a call to fowners.
Gentoo Portage
NA
CVE-2007-6249
etc-update in Portage prior to 2.1.3.11 on Gentoo Linux relies on the umask to set permissions for the merge file, often resulting in permissions weaker than those of the original files, which might allow local users to obtain sensitive information by reading the merge file.
Gentoo Portage
NA
CVE-2004-1107
dispatch-conf in Portage 2.0.51-r2 and previous versions allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Gentoo Linux
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »