Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gentoo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-4279
Untrusted search path vulnerability in Qt-UnixODBC prior to 3.3.4-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.
Gentoo Qt-unixodbc
NA
CVE-2013-4223
The Gentoo Nullmailer package prior to 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.
Gentoo Nullmailer 1.11
9.8
CVSSv3
CVE-2020-36770
pkg_postinst in the Gentoo ebuild for Slurm up to and including 22.05.3 unnecessarily calls chown to assign root's ownership on files in the live root filesystem. This could be exploited by the slurm user to become the owner of root-owned files.
Gentoo Ebuild For Slurm
5.5
CVSSv3
CVE-2017-14483
flower.initd in the Gentoo dev-python/flower package prior to 0.9.1-r1 for Celery Flower sets PID file ownership to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root ...
Gentoo Dev-python-flower
NA
CVE-2014-9622
Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent malicious users to execute arbitrary code via the URL argument to xdg-open.
Gentoo Xdg-utils 1.1.0
NA
CVE-2005-1707
The fn_show_postinst function in Gentoo webapp-config prior to 1.10-r14 allows local users to overwrite arbitrary files via a symlink attack on the postinst.txt temporary file.
Gentoo Linux Webapp-config 1.10
1 EDB exploit
7.3
CVSSv3
CVE-2017-14484
The Gentoo sci-mathematics/gimps package prior to 28.10-r1 for Great Internet Mersenne Prime Search (GIMPS) allows local users to gain privileges by creating a hard link under /var/lib/gimps, because an unsafe "chown -R" command is executed.
Gentoo Sci-mathematics-gimps 28.10
NA
CVE-2008-1078
expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1.
Rpath Rpath Linux
Gentoo Linux
NA
CVE-2004-1336
The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack.
Debian Tetex-bin 2.0.2
Gentoo Linux
NA
CVE-2007-2026
The gnu regular expression code in file 4.20 allows context-dependent malicious users to cause a denial of service (CPU consumption) via a crafted document with a large number of line feed characters, which is not well handled by OS/2 REXX regular expressions that use wildcards, ...
Amavis Virus Scanner
Gentoo File 4.20
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »