Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gentoo vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2006-3005
The JPEG library in media-libs/jpeg prior to 6b-r7 on Gentoo Linux is built without the -maxmem feature, which could allow context-dependent malicious users to cause a denial of service (memory exhaustion) via a crafted JPEG file that exceeds the intended memory limits.
Gentoo Media-libs Jpeg 6b
Gentoo Linux
6.6
CVSSv2
CVE-2006-0071
The ebuild for pinentry prior to 0.7.2-r2 on Gentoo Linux sets setgid bits for pinentry programs, which allows local users to read or overwrite arbitrary files as gid 0.
Gentoo App-crypt Pinentry 0.7.2
Gentoo Linux
7.6
CVSSv2
CVE-2004-0456
Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header.
Pavuk Pavuk 0.9pl28i
Pavuk Pavuk 0.928r1
Debian Debian Linux 3.0
Gentoo Linux 1.4
Gentoo Linux 1.1a
Gentoo Linux 1.2
10
CVSSv2
CVE-2004-0386
Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and previous versions, 0.90, and 0.91 allows remote malicious users to execute arbitrary code via a long Location header.
Mplayer Mplayer 0.90 Pre
Mplayer Mplayer 0.90 Rc
Mplayer Mplayer 0.90
Mplayer Mplayer 0.91
Mplayer Mplayer 1.0 Pre1
Mplayer Mplayer 1.0 Pre2
Mplayer Mplayer 1.0 Pre3
Gentoo Linux 0.7
Gentoo Linux 1.1a
Gentoo Linux 0.5
Gentoo Linux 1.4
Mandrakesoft Mandrake Linux 10.0
Mandrakesoft Mandrake Linux 9.2
Gentoo Linux 1.2
1 EDB exploit
5
CVSSv2
CVE-2004-0749
The mod_authz_svn module in Subversion 1.0.7 and previous versions does not properly restrict access to all metadata on unreadable paths, which could allow remote malicious users to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other comman...
Subversion Subversion 1.0.1
Subversion Subversion 1.0.2
Subversion Subversion 1.1.0 Rc3
Subversion Subversion 1.0.3
Subversion Subversion 1.0.4
Subversion Subversion 1.0.5
Subversion Subversion 1.0.6
Subversion Subversion 1.0.7
Subversion Subversion 1.0
Subversion Subversion 1.1.0 Rc1
Subversion Subversion 1.1.0 Rc2
Gentoo Linux 1.4
Gentoo Linux 0.5
Gentoo Linux 0.7
Gentoo Linux 1.1a
Gentoo Linux 1.2
NA
CVE-2016-20021
In Gentoo Portage prior to 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable.
Gentoo Portage
NA
CVE-2023-26033
Gentoo soko is the code that powers packages.gentoo.org. Versions before 1.0.1 are vulnerable to SQL Injection, leading to a Denial of Service. If the user selects (in user preferences) the "Recently Visited Packages" view for the index page, the value of the `search_hi...
Gentoo Soko
2.1
CVSSv2
CVE-2004-1107
dispatch-conf in Portage 2.0.51-r2 and previous versions allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Gentoo Linux
2.1
CVSSv2
CVE-2004-1108
qpkg in Gentoolkit 0.2.0_pre10 and previous versions allows local users to overwrite arbitrary files via a symlink attack on a temporary directory.
Gentoo Linux
7.2
CVSSv2
CVE-2004-1115
The init scripts in Search for Extraterrestrial Intelligence (SETI) project 3.08-r3 and previous versions execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs.
Gentoo Linux
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »