Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gentoo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-3508
Integer overflow in the process_envvars function in elf/rtld.c in glibc prior to 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitab...
Gentoo Glibc
NA
CVE-2011-1550
The default configuration of logrotate on SUSE openSUSE Factory uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted d...
Gentoo Logrotate
5.5
CVSSv3
CVE-2019-20384
Gentoo Portage up to and including 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64/nagios/plugins directory by leveraging access to the nagios user account, because this directory is writable in between a call to emake and a call to fowners.
Gentoo Portage
NA
CVE-2011-1548
The default configuration of logrotate on Debian GNU/Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted direct...
Gentoo Logrotate
NA
CVE-2011-1549
The default configuration of logrotate on Gentoo Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directorie...
Gentoo Logrotate
9.8
CVSSv3
CVE-2016-20021
In Gentoo Portage prior to 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable.
Gentoo Portage
NA
CVE-2004-1108
qpkg in Gentoolkit 0.2.0_pre10 and previous versions allows local users to overwrite arbitrary files via a symlink attack on a temporary directory.
Gentoo Linux
7.1
CVSSv3
CVE-2004-2778
Ebuild in Gentoo may change directory and file permissions depending on the order of installed packages, which allows local users to read or write to restricted directories or execute restricted commands via navigating to the affected directories, or executing the affected comman...
Gentoo Portage
NA
CVE-2004-1107
dispatch-conf in Portage 2.0.51-r2 and previous versions allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Gentoo Linux
NA
CVE-2004-1115
The init scripts in Search for Extraterrestrial Intelligence (SETI) project 3.08-r3 and previous versions execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs.
Gentoo Linux
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »