Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gentoo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1880
The default configuration of Firebird prior to 2.0.3.12981.0-r6 on Gentoo Linux sets the ISC_PASSWORD environment variable before starting Firebird, which allows remote malicious users to bypass SYSDBA authentication and obtain sensitive database information via an empty password...
Firebird Firebird 2.0.3.12981.0
Firebird Firebird
NA
CVE-2008-1734
Interpretation conflict in PHP Toolkit prior to 1.0.1 on Gentoo Linux might allow local users to cause a denial of service (PHP outage) and read contents of PHP scripts by creating a file with a one-letter lowercase alphabetic name, which triggers interpretation of a certain unqu...
Gentoo Php Toolkit
Gentoo Php Toolkit 1.0
NA
CVE-2008-1383
The docert function in ssl-cert.eclass, when used by src_compile or src_install on Gentoo Linux, stores the SSL key in a binpkg, which allows local users to extract the key from the binpkg, and causes multiple systems that use this binpkg to have the same SSL key and certificate.
Gentoo Linux
NA
CVE-2008-1078
expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1.
Rpath Rpath Linux
Gentoo Linux
NA
CVE-2008-0386
Xdg-utils 1.0.2 and previous versions allows user-assisted remote malicious users to execute arbitrary commands via shell metacharacters in a URL argument to (1) xdg-open or (2) xdg-email.
Gentoo Xdg-utils
NA
CVE-2007-6249
etc-update in Portage prior to 2.1.3.11 on Gentoo Linux relies on the umask to set permissions for the merge file, often resulting in permissions weaker than those of the original files, which might allow local users to obtain sensitive information by reading the merge file.
Gentoo Portage
NA
CVE-2007-5714
The Gentoo ebuild of MLDonkey prior to 2.9.0-r3 has a p2p user account with an empty default password and valid login shell, which might allow remote malicious users to obtain login access and execute arbitrary code.
Gentoo Mldonkey Ebuild
NA
CVE-2007-4074
The default configuration of Centre for Speech Technology Research (CSTR) Festival 1.95 beta (aka 2.0 beta) on Gentoo Linux, SUSE Linux, and possibly other distributions, is run locally with elevated privileges without requiring authentication, which allows local and remote malic...
Centre For Speech Technology Research Gentoo Linux Festival 1.95 Beta
Suse Suse Linux
NA
CVE-2007-3532
NVIDIA drivers (nvidia-drivers) prior to 1.0.7185, 1.0.9639, and 100.14.11, as used in Gentoo Linux and possibly other distributions, creates /dev/nvidia* device files with insecure permissions, which allows local users to modify video card settings, cause a denial of service (cr...
Nvidia Video Driver
NA
CVE-2007-3531
The set_default_speeds function in backend/backend.c in NVidia NVClock prior to 0.8b2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvclock temporary file.
Gentoo Nvclock
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »