gentoo vulnerabilities and exploits
9.3
CVSSv2
CVE-2013-2100
The urlopen function in pym/portage/util/_urlopen.py in Gentoo Portage 2.1.12, when using HTTPS, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and modify binary package lists via a crafted certificate.
Gentoo Portage 2.1.12
6.8
CVSSv2
CVE-2014-4909
Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission prior to 2.84 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 14.04
Gentoo Linux
Fedoraproject Fedora 20
Canonical Ubuntu Linux 12.04
Transmissionbt Transmission 2.75
Transmissionbt Transmission 2.74
Transmissionbt Transmission 2.52
Transmissionbt Transmission 2.51
Transmissionbt Transmission 2.31
Transmissionbt Transmission 2.30
Transmissionbt Transmission 2.04
Transmissionbt Transmission 2.03
Transmissionbt Transmission 1.90
Transmissionbt Transmission 1.83
Transmissionbt Transmission 1.74
Transmissionbt Transmission 1.73
Transmissionbt Transmission 1.52
Transmissionbt Transmission 1.51
Transmissionbt Transmission 1.32
Transmissionbt Transmission 1.31
Transmissionbt Transmission 1.10
5
CVSSv2
CVE-2013-4223
The Gentoo Nullmailer package prior to 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.
Gentoo Nullmailer 1.11
2.1
CVSSv2
CVE-2013-4285
A certain Gentoo patch for the PAM S/Key module does not properly clear credentials from memory, which allows local users to obtain sensitive information by reading system memory.
Dkorunic Pam S/key -
2.1
CVSSv2
CVE-2013-0348
thttpd.c in sthttpd prior to 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.
Open Source Development Team Sthttpd 2.26.3
Open Source Development Team Sthttpd 2.26
Open Source Development Team Sthttpd 2.26.1
Open Source Development Team Sthttpd 2.26.2
Open Source Development Team Sthttpd
Fedoraproject Fedora 17
Fedoraproject Fedora 18
Opensuse Opensuse 12.3
Opensuse Opensuse 12.2
Gentoo Linux
Opensuse Opensuse 13.1
Acme Thttpd 2.25
4.3
CVSSv2
CVE-2013-2031
MediaWiki prior to 1.19.6 and 1.20.x prior to 1.20.5 allows remote malicious users to conduct cross-site scripting (XSS) attacks, as demonstrated by a CDATA section containing valid UTF-7 encoded sequences in a SVG file, which is then incorrectly interpreted as UTF-8 by Chrome an...
Gentoo Linux
Mediawiki Mediawiki
Mediawiki Mediawiki 1.19.4
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.18.3
Mediawiki Mediawiki 1.17.3
Mediawiki Mediawiki 1.17.2
Mediawiki Mediawiki 1.16.1
Mediawiki Mediawiki 1.16.0
Mediawiki Mediawiki 1.15.2
Mediawiki Mediawiki 1.15.1
Mediawiki Mediawiki 1.15.0
Mediawiki Mediawiki 1.13.2
Mediawiki Mediawiki 1.13.1
Mediawiki Mediawiki 1.12.1
Mediawiki Mediawiki 1.12.0
Mediawiki Mediawiki 1.20.4
Mediawiki Mediawiki 1.20.3
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.18.0
Mediawiki Mediawiki 1.18
5
CVSSv2
CVE-2013-2032
MediaWiki prior to 1.19.6 and 1.20.x prior to 1.20.5 does not allow extensions to prevent password changes without using both Special:PasswordReset and Special:ChangePassword, which allows remote malicious users to bypass the intended restrictions of an extension that only implem...
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.18.3
Mediawiki Mediawiki 1.18.1
Mediawiki Mediawiki 1.18.0
Mediawiki Mediawiki 1.17.2
Mediawiki Mediawiki 1.17.0
Mediawiki Mediawiki 1.16.0
Mediawiki Mediawiki 1.15.1
Mediawiki Mediawiki 1.15.0
Mediawiki Mediawiki 1.14.0
Mediawiki Mediawiki 1.13.1
Mediawiki Mediawiki 1.13.0
Mediawiki Mediawiki 1.12.0
Mediawiki Mediawiki 1.11.1
Mediawiki Mediawiki 1.10.3
Mediawiki Mediawiki 1.10.1
Mediawiki Mediawiki 1.10.0
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.17
Mediawiki Mediawiki 1.16.2
6.8
CVSSv2
CVE-2010-1159
Multiple heap-based buffer overflows in Aircrack-ng prior to 1.1 allow remote malicious users to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or (2) long EAPOL packet.
Aircrack-ng Aircrack-ng
Aircrack-ng Aircrack-ng 1.0
Aircrack-ng Aircrack-ng 0.5
Aircrack-ng Aircrack-ng 0.4.4
Aircrack-ng Aircrack-ng 0.4.3
Aircrack-ng Aircrack-ng 0.4.2
Aircrack-ng Aircrack-ng 0.9.2
Aircrack-ng Aircrack-ng 0.9.1
Aircrack-ng Aircrack-ng 0.9
Aircrack-ng Aircrack-ng 0.8
Aircrack-ng Aircrack-ng 0.2
Aircrack-ng Aircrack-ng 0.1
Gentoo Linux
Aircrack-ng Aircrack-ng 0.6.2
Aircrack-ng Aircrack-ng 0.6
Aircrack-ng Aircrack-ng 0.4.1
Aircrack-ng Aircrack-ng 0.3
Aircrack-ng Aircrack-ng 0.9.3
Aircrack-ng Aircrack-ng 0.7
Aircrack-ng Aircrack-ng 0.6.1
Aircrack-ng Aircrack-ng 0.4
Aircrack-ng Aircrack-ng 0.2.1
1 EDB exploit
6.8
CVSSv2
CVE-2012-4893
Multiple cross-site request forgery (CSRF) vulnerabilities in file/show.cgi in Webmin 1.590 and previous versions allow remote malicious users to hijack the authentication of privileged users for requests that (1) read files or execute (2) tar, (3) zip, or (4) gzip commands, a di...
Gentoo Webmin 1.500
Gentoo Webmin 1.480
Gentoo Webmin 1.470
Gentoo Webmin 1.450
Gentoo Webmin 1.290
Gentoo Webmin 1.280
Gentoo Webmin 1.270
Gentoo Webmin 1.260
Gentoo Webmin 1.560
Gentoo Webmin 1.520
Gentoo Webmin 1.430
Gentoo Webmin 1.410
Gentoo Webmin 1.320
Gentoo Webmin 1.300
Gentoo Webmin 1.240
Gentoo Webmin 1.220
Gentoo Webmin 1.140
Gentoo Webmin
Gentoo Webmin 1.580
Gentoo Webmin 1.570
Gentoo Webmin 1.550
Gentoo Webmin 1.390
6.5
CVSSv2
CVE-2012-2982
file/show.cgi in Webmin 1.590 and previous versions allows remote authenticated users to execute arbitrary commands via an invalid character in a pathname, as demonstrated by a | (pipe) character.
Gentoo Webmin 1.520
Gentoo Webmin 1.510
Gentoo Webmin 1.420
Gentoo Webmin 1.410
Gentoo Webmin 1.400
Gentoo Webmin 1.310
Gentoo Webmin 1.300
Gentoo Webmin 1.220
Gentoo Webmin 1.210
Gentoo Webmin
Gentoo Webmin 1.580
Gentoo Webmin 1.500
Gentoo Webmin 1.480
Gentoo Webmin 1.390
Gentoo Webmin 1.380
Gentoo Webmin 1.290
Gentoo Webmin 1.280
Gentoo Webmin 1.200
Gentoo Webmin 1.180
Gentoo Webmin 1.560
Gentoo Webmin 1.530
Gentoo Webmin 1.440
1 EDB exploit
17 Github repositories