Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gentoo linux vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2007-4074
The default configuration of Centre for Speech Technology Research (CSTR) Festival 1.95 beta (aka 2.0 beta) on Gentoo Linux, SUSE Linux, and possibly other distributions, is run locally with elevated privileges without requiring authentication, which allows local and remote malic...
Centre For Speech Technology Research Gentoo Linux Festival 1.95 Beta
Suse Suse Linux
7.2
CVSSv2
CVE-2007-3532
NVIDIA drivers (nvidia-drivers) prior to 1.0.7185, 1.0.9639, and 100.14.11, as used in Gentoo Linux and possibly other distributions, creates /dev/nvidia* device files with insecure permissions, which allows local users to modify video card settings, cause a denial of service (cr...
Nvidia Video Driver
10
CVSSv2
CVE-2007-2173
Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP prior to 4.0.6-r2, and 4.1.x prior to 4.1.2-r1, on Gentoo Linux allows remote malicious users to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN...
Double Precision Incorporated Courier-imap 4.0.0
Double Precision Incorporated Courier-imap 4.0.1
Double Precision Incorporated Courier-imap 4.1.0
Double Precision Incorporated Courier-imap 4.1.1
Double Precision Incorporated Courier-imap 4.0.2
Double Precision Incorporated Courier-imap 4.0.3
Double Precision Incorporated Courier-imap 4.0.4
Double Precision Incorporated Courier-imap 4.0.5
2.1
CVSSv2
CVE-2007-1856
Vixie Cron prior to 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service (cron failure) by creating hard links, which results in a failed st_nlink check in database.c.
Paul Vixie Vixie Cron
4.3
CVSSv2
CVE-2007-1500
The Linux Security Auditing Tool (LSAT) allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using /tmp/lsat1.lsat.
Gentoo Linux
8.5
CVSSv2
CVE-2006-7094
ftpd, as used by Gentoo and Debian Linux, sets the gid to the effective uid instead of the effective group id before executing /bin/ls, which allows remote authenticated users to list arbitrary directories with the privileges of gid 0 and possibly enable additional attack vectors...
Ftpd Ftpd
5
CVSSv2
CVE-2007-0664
thttpd prior to 2.25b-r6 in Gentoo Linux is started from the system root directory (/) by the Gentoo baselayout 1.12.6 package, which allows remote malicious users to read arbitrary files.
Acme Labs Thttpd
4.6
CVSSv2
CVE-2007-0476
The gencert.sh script, when installing OpenLDAP prior to 2.1.30-r10, 2.2.x prior to 2.2.28-r7, and 2.3.x prior to 2.3.30-r2 as an ebuild in Gentoo Linux, does not create temporary directories in /tmp securely during emerge, which allows local users to overwrite arbitrary files vi...
Gentoo Linux 2.2.28
Gentoo Linux 2.3.30
Gentoo Linux 2.1.30
5
CVSSv2
CVE-2006-3005
The JPEG library in media-libs/jpeg prior to 6b-r7 on Gentoo Linux is built without the -maxmem feature, which could allow context-dependent malicious users to cause a denial of service (memory exhaustion) via a crafted JPEG file that exceeds the intended memory limits.
Gentoo Media-libs Jpeg 6b
Gentoo Linux
7.5
CVSSv2
CVE-2006-1539
Multiple buffer overflows in the checkscores function in scores.c in tetris-bsd in bsd-games prior to 2.17-r1 in Gentoo Linux might allow local users with games group membership to gain privileges by modifying tetris-bsd.scores to contain crafted executable content, which is exec...
Bsd-games Tetris-bsd Gold
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »