Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gentoo portage vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2013-2100
The urlopen function in pym/portage/util/_urlopen.py in Gentoo Portage 2.1.12, when using HTTPS, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and modify binary package lists via a crafted certificate.
Gentoo Portage 2.1.12
7.2
CVSSv2
CVE-2005-4442
Untrusted search path vulnerability in OpenLDAP prior to 2.2.28-r3 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.
Openldap Openldap 2.0.13
Openldap Openldap 2.0.15
Openldap Openldap 2.0.21
Openldap Openldap 2.0.23
Openldap Openldap 2.0.3
Openldap Openldap 2.0.5
Openldap Openldap 2.1.12
Openldap Openldap 2.1.14
Openldap Openldap 2.1.20
Openldap Openldap 2.1.22
Openldap Openldap 2.1.27
Openldap Openldap 2.1.29
Openldap Openldap 2.1.8
Openldap Openldap 2.2.10
Openldap Openldap 2.2.17
Openldap Openldap 2.2.19
Openldap Openldap 2.2.24
Openldap Openldap 2.2.26
Openldap Openldap 2.2.9
Openldap Openldap 2.0.12
Openldap Openldap 2.0.14
Openldap Openldap 2.0.16
7.2
CVSSv2
CVE-2005-4443
Untrusted search path vulnerability in Gauche prior to 0.8.6-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.
Gauche Gauche 0.8
Gauche Gauche 0.8.5
Gauche Gauche 0.8.1
Gauche Gauche 0.8.2
Gauche Gauche 0.8.3
Gauche Gauche 0.8.4
7.2
CVSSv2
CVE-2005-4279
Untrusted search path vulnerability in Qt-UnixODBC prior to 3.3.4-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.
Gentoo Qt-unixodbc
7.2
CVSSv2
CVE-2005-4280
Untrusted search path vulnerability in CMake prior to 2.2.0-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.
7.2
CVSSv2
CVE-2005-4278
Untrusted search path vulnerability in Perl prior to 5.8.7-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.
Larry Wall Perl 5.4
Larry Wall Perl 5.4.5
Larry Wall Perl 5.8.4.1
Larry Wall Perl 5.8.4.2
Larry Wall Perl 5.3
Larry Wall Perl 5.8.3
Larry Wall Perl 5.8.4
Larry Wall Perl
Larry Wall Perl 5.5
Larry Wall Perl 5.5.3
Larry Wall Perl 5.6.1
Larry Wall Perl 5.8.4.2.3
Larry Wall Perl 5.8.4.3
Larry Wall Perl 5.8.0
Larry Wall Perl 5.8.1
Larry Wall Perl 5.8.4.4
Larry Wall Perl 5.8.4.5
7.2
CVSSv2
CVE-2005-0457
Opera 7.54 and previous versions on Gentoo Linux uses an insecure path for plugins, which could allow local users to gain privileges by inserting malicious libraries into the PORTAGE_TMPDIR (portage) temporary directory.
Opera Opera Browser
6.9
CVSSv2
CVE-2008-4394
Multiple untrusted search path vulnerabilities in Portage prior to 2.1.4.5 include the current working directory in the Python search path, which allows local users to execute arbitrary code via a modified Python module that is loaded by the (1) ys-apps/portage, (2) net-mail/fetc...
Gentoo Portage 2.1.3.11
Gentoo Portage 2.1.3.10
Gentoo Portage
Gentoo Portage 2.1.1
Gentoo Portage 2.0.51.22
4.6
CVSSv2
CVE-2004-1901
Portage prior to 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles.
Gentoo Linux 1.4
Gentoo Portage
Gentoo Portage 2.0.50
3.6
CVSSv2
CVE-2004-2778
Ebuild in Gentoo may change directory and file permissions depending on the order of installed packages, which allows local users to read or write to restricted directories or execute restricted commands via navigating to the affected directories, or executing the affected comman...
Gentoo Portage
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »