Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gentoo vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2015-8556
Local privilege escalation vulnerability in the Gentoo QEMU package prior to 2.5.0-r1.
Qemu Qemu
1 EDB exploit
605
VMScore
CVE-2014-9622
Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent malicious users to execute arbitrary code via the URL argument to xdg-open.
Gentoo Xdg-utils 1.1.0
641
VMScore
CVE-2013-0347
The Gentoo init script for webfs uses world-readable permissions for /var/log/webfsd.log, which allows local users to have unspecified impact by reading the file.
Webfs Webfs -
828
VMScore
CVE-2013-2100
The urlopen function in pym/portage/util/_urlopen.py in Gentoo Portage 2.1.12, when using HTTPS, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and modify binary package lists via a crafted certificate.
Gentoo Portage 2.1.12
605
VMScore
CVE-2014-4909
Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission prior to 2.84 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 14.04
Gentoo Linux
Fedoraproject Fedora 20
Canonical Ubuntu Linux 12.04
Transmissionbt Transmission 2.75
Transmissionbt Transmission 2.74
Transmissionbt Transmission 2.52
Transmissionbt Transmission 2.51
Transmissionbt Transmission 2.31
Transmissionbt Transmission 2.30
Transmissionbt Transmission 2.04
Transmissionbt Transmission 2.03
Transmissionbt Transmission 1.90
Transmissionbt Transmission 1.83
Transmissionbt Transmission 1.74
Transmissionbt Transmission 1.73
Transmissionbt Transmission 1.52
Transmissionbt Transmission 1.51
Transmissionbt Transmission 1.32
Transmissionbt Transmission 1.31
Transmissionbt Transmission 1.10
445
VMScore
CVE-2013-4223
The Gentoo Nullmailer package prior to 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.
Gentoo Nullmailer 1.11
187
VMScore
CVE-2013-4285
A certain Gentoo patch for the PAM S/Key module does not properly clear credentials from memory, which allows local users to obtain sensitive information by reading system memory.
Dkorunic Pam S\\/key -
187
VMScore
CVE-2013-0348
thttpd.c in sthttpd prior to 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.
Open Source Development Team Sthttpd 2.26.3
Open Source Development Team Sthttpd 2.26
Open Source Development Team Sthttpd 2.26.1
Open Source Development Team Sthttpd 2.26.2
Open Source Development Team Sthttpd
Fedoraproject Fedora 17
Fedoraproject Fedora 18
Opensuse Opensuse 12.3
Opensuse Opensuse 12.2
Gentoo Linux
Opensuse Opensuse 13.1
Acme Thttpd 2.25
383
VMScore
CVE-2013-2031
MediaWiki prior to 1.19.6 and 1.20.x prior to 1.20.5 allows remote malicious users to conduct cross-site scripting (XSS) attacks, as demonstrated by a CDATA section containing valid UTF-7 encoded sequences in a SVG file, which is then incorrectly interpreted as UTF-8 by Chrome an...
Gentoo Linux
Mediawiki Mediawiki
Mediawiki Mediawiki 1.19.4
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.18.3
Mediawiki Mediawiki 1.17.3
Mediawiki Mediawiki 1.17.2
Mediawiki Mediawiki 1.16.1
Mediawiki Mediawiki 1.16.0
Mediawiki Mediawiki 1.15.2
Mediawiki Mediawiki 1.15.1
Mediawiki Mediawiki 1.15.0
Mediawiki Mediawiki 1.13.2
Mediawiki Mediawiki 1.13.1
Mediawiki Mediawiki 1.12.1
Mediawiki Mediawiki 1.12.0
Mediawiki Mediawiki 1.20.4
Mediawiki Mediawiki 1.20.3
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.18.0
Mediawiki Mediawiki 1.18
445
VMScore
CVE-2013-2032
MediaWiki prior to 1.19.6 and 1.20.x prior to 1.20.5 does not allow extensions to prevent password changes without using both Special:PasswordReset and Special:ChangePassword, which allows remote malicious users to bypass the intended restrictions of an extension that only implem...
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.18.3
Mediawiki Mediawiki 1.18.1
Mediawiki Mediawiki 1.18.0
Mediawiki Mediawiki 1.17.2
Mediawiki Mediawiki 1.17.0
Mediawiki Mediawiki 1.16.0
Mediawiki Mediawiki 1.15.1
Mediawiki Mediawiki 1.15.0
Mediawiki Mediawiki 1.14.0
Mediawiki Mediawiki 1.13.1
Mediawiki Mediawiki 1.13.0
Mediawiki Mediawiki 1.12.0
Mediawiki Mediawiki 1.11.1
Mediawiki Mediawiki 1.10.3
Mediawiki Mediawiki 1.10.1
Mediawiki Mediawiki 1.10.0
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.17
Mediawiki Mediawiki 1.16.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »