Filtered by vendor Gentoo
Subscribe
Total
198 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1117 | 1 Gentoo | 1 Linux | 2025-04-03 | 7.2 HIGH | N/A |
| The init scripts in ChessBrain 20407 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs. | |||||
| CVE-2004-1009 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. | |||||
| CVE-2004-0224 | 3 Double Precision Incorporated, Gentoo, Inter7 | 4 Courier Mta, Sqwebmail, Linux and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character is out of BMP range." | |||||
| CVE-2006-3005 | 1 Gentoo | 2 Linux, Media-libs Jpeg | 2025-04-03 | 5.0 MEDIUM | N/A |
| The JPEG library in media-libs/jpeg before 6b-r7 on Gentoo Linux is built without the -maxmem feature, which could allow context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted JPEG file that exceeds the intended memory limits. | |||||
| CVE-2004-1025 | 3 Enlightenment, Gentoo, Redhat | 3 Imlib, Linux, Linux | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files. | |||||
| CVE-2004-0557 | 4 Conectiva, Gentoo, Redhat and 1 more | 6 Linux, Linux, Enterprise Linux and 3 more | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields. | |||||
| CVE-2004-1901 | 1 Gentoo | 2 Linux, Portage | 2025-04-03 | 4.6 MEDIUM | 5.5 MEDIUM |
| Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles. | |||||
| CVE-2004-0969 | 3 Gentoo, Gnu, Ubuntu | 3 Linux, Groff, Ubuntu Linux | 2025-04-03 | 2.1 LOW | N/A |
| The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files. | |||||
| CVE-2004-1304 | 3 File, Gentoo, Trustix | 3 File, Linux, Secure Linux | 2025-04-03 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the ELF header parsing code in file before 4.12 allows attackers to execute arbitrary code via a crafted ELF file. | |||||
| CVE-2003-0694 | 11 Apple, Compaq, Freebsd and 8 more | 18 Mac Os X, Mac Os X Server, Tru64 and 15 more | 2025-04-03 | 10.0 HIGH | N/A |
| The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | |||||
| CVE-2004-0667 | 2 Gentoo, Rsbac | 2 Linux, Rule Set Based Access Control | 2025-04-03 | 7.2 HIGH | N/A |
| Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows access to sys_creat, sys_open, and sys_mknod inside jails, which could allow local users to gain elevated privileges. | |||||
| CVE-2002-1337 | 7 Gentoo, Hp, Netbsd and 4 more | 9 Linux, Alphaserver Sc, Hp-ux and 6 more | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. | |||||
| CVE-2004-1031 | 2 Gentoo, Thibault Godouet | 2 Linux, Fcron | 2025-04-03 | 7.2 HIGH | N/A |
| fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but modifiable by the user, such as /proc/self/cmdline or /proc/self/environ. | |||||
| CVE-2005-4279 | 1 Gentoo | 1 Qt-unixodbc | 2025-04-03 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in Qt-UnixODBC before 3.3.4-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH. | |||||
| CVE-2006-1390 | 1 Gentoo | 1 Linux | 2025-04-03 | 4.6 MEDIUM | N/A |
| The configuration of NetHack 3.4.3-r1 and earlier, Falcon's Eye 1.9.4a and earlier, and Slash'EM 0.0.760 and earlier on Gentoo Linux allows local users in the games group to modify saved games files to execute arbitrary code via buffer overflows and overwrite arbitrary files via symlink attacks. | |||||
| CVE-2004-1737 | 2 Gentoo, The Cacti Group | 2 Linux, Cacti | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters. | |||||
| CVE-2004-0981 | 4 Debian, Gentoo, Imagemagick and 1 more | 4 Debian Linux, Linux, Imagemagick and 1 more | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file. | |||||
| CVE-2004-0495 | 6 Avaya, Conectiva, Gentoo and 3 more | 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool. | |||||
| CVE-2004-0980 | 3 Angus Mackay, Debian, Gentoo | 3 Ez-ipupdate, Debian Linux, Linux | 2025-04-03 | 10.0 HIGH | N/A |
| Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code. | |||||
| CVE-2005-3625 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2025-04-03 | 10.0 HIGH | N/A |
| Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." | |||||