Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gentoo vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2017-16659
The Gentoo mail-filter/assp package 1.9.8.13030 and previous versions allows local users to gain privileges by leveraging access to the assp user account to install a Trojan horse /usr/share/assp/assp.pl script.
Anti-spam Smtp Proxy Project Anti-spam Smtp Proxy
890
VMScore
CVE-2017-16638
The Gentoo net-misc/vde package before version 2.3.2-r4 may allow members of the "qemu" group to gain root privileges by creating a hard link in a directory on which "chown" is called recursively by the OpenRC service script.
Vde Project Vde
642
VMScore
CVE-2017-15945
The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev-db/mysql-cluster, and dev-db/mariadb-galera packages prior to 2017-09-29 have chown calls for user-writable directory trees, which allows local users to gain privileges by leveraging a...
Mysql Mysql
Mariadb Mariadb
641
VMScore
CVE-2017-14730
The init script in the Gentoo app-admin/logstash-bin package prior to 5.5.3 and 5.6.x prior to 5.6.1 has "chown -R" calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to a $LS_USER account for creation of a hard lin...
Elasticsearch Logstash 5.0.2
Elasticsearch Logstash 5.1.2
Elasticsearch Logstash 5.4.2
Elasticsearch Logstash 5.5.0
Elasticsearch Logstash 5.2.1
Elasticsearch Logstash 5.3.0
Elasticsearch Logstash 5.3.1
Elasticsearch Logstash 5.3.2
Elasticsearch Logstash 5.5.1
Elasticsearch Logstash 5.5.2
Elasticsearch Logstash 5.6.0
Elasticsearch Logstash 5.0.0
Elasticsearch Logstash 5.0.1
Elasticsearch Logstash 5.1.1
Elasticsearch Logstash 5.2.0
Elasticsearch Logstash 5.4.1
Elasticsearch Logstash 5.4.3
436
VMScore
CVE-2017-14483
flower.initd in the Gentoo dev-python/flower package prior to 0.9.1-r1 for Celery Flower sets PID file ownership to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root ...
Gentoo Dev-python-flower
614
VMScore
CVE-2017-14484
The Gentoo sci-mathematics/gimps package prior to 28.10-r1 for Great Internet Mersenne Prime Search (GIMPS) allows local users to gain privileges by creating a hard link under /var/lib/gimps, because an unsafe "chown -R" command is executed.
Gentoo Sci-mathematics-gimps 28.10
320
VMScore
CVE-2004-2778
Ebuild in Gentoo may change directory and file permissions depending on the order of installed packages, which allows local users to read or write to restricted directories or execute restricted commands via navigating to the affected directories, or executing the affected comman...
Gentoo Portage
1000
VMScore
CVE-2015-8556
Local privilege escalation vulnerability in the Gentoo QEMU package prior to 2.5.0-r1.
Qemu Qemu
1 EDB exploit
605
VMScore
CVE-2014-9622
Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent malicious users to execute arbitrary code via the URL argument to xdg-open.
Gentoo Xdg-utils 1.1.0
641
VMScore
CVE-2013-0347
The Gentoo init script for webfs uses world-readable permissions for /var/log/webfsd.log, which allows local users to have unspecified impact by reading the file.
Webfs Webfs -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »