Filtered by vendor Gentoo
Subscriptions
Total
199 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-3531 | 1 Gentoo | 2 Linux, Nvclock | 2025-04-09 | N/A |
| The set_default_speeds function in backend/backend.c in NVidia NVClock before 0.8b2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvclock temporary file. | ||||
| CVE-2004-1107 | 1 Gentoo | 1 Linux | 2025-04-03 | N/A |
| dispatch-conf in Portage 2.0.51-r2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2004-1106 | 2 Gallery Project, Gentoo | 2 Gallery, Linux | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and earlier allows remote attackers to execute arbitrary web script or HTML via "specially formed URLs," possibly via the include parameter in index.php. | ||||
| CVE-2004-0889 | 11 Debian, Easy Software Products, Gentoo and 8 more | 16 Debian Linux, Cups, Linux and 13 more | 2025-04-03 | N/A |
| Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. | ||||
| CVE-2004-1096 | 10 Broadcom, Ca, Eset Software and 7 more | 22 Brightstor Arcserve Backup, Etrust Antivirus, Etrust Antivirus Gateway and 19 more | 2025-04-03 | N/A |
| Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | ||||
| CVE-2004-1052 | 3 Bnc, Debian, Gentoo | 3 Bnc, Debian Linux, Linux | 2025-04-03 | N/A |
| Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters. | ||||
| CVE-2004-0834 | 3 Gentoo, Mandrakesoft, Speedtouch | 5 Linux, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2025-04-03 | N/A |
| Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3. | ||||
| CVE-2004-0419 | 4 Gentoo, Redhat, X.org and 1 more | 4 Linux, Enterprise Linux, X11r6 and 1 more | 2025-04-03 | N/A |
| XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions. | ||||
| CVE-2004-1034 | 3 Gentoo, Kaffeine, Xine | 3 Linux, Kaffeine Player, Gxine | 2025-04-03 | N/A |
| Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type header for a Real Audio Media (.ram) playlist file. | ||||
| CVE-2006-3005 | 1 Gentoo | 2 Linux, Media-libs Jpeg | 2025-04-03 | N/A |
| The JPEG library in media-libs/jpeg before 6b-r7 on Gentoo Linux is built without the -maxmem feature, which could allow context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted JPEG file that exceeds the intended memory limits. | ||||
| CVE-2006-1390 | 1 Gentoo | 1 Linux | 2025-04-03 | N/A |
| The configuration of NetHack 3.4.3-r1 and earlier, Falcon's Eye 1.9.4a and earlier, and Slash'EM 0.0.760 and earlier on Gentoo Linux allows local users in the games group to modify saved games files to execute arbitrary code via buffer overflows and overwrite arbitrary files via symlink attacks. | ||||
| CVE-2004-1033 | 2 Gentoo, Thibault Godouet | 2 Linux, Fcron | 2025-04-03 | N/A |
| Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable. | ||||
| CVE-2004-0700 | 3 Gentoo, Mod Ssl, Redhat | 5 Linux, Mod Ssl, Enterprise Linux and 2 more | 2025-04-03 | N/A |
| Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function. | ||||
| CVE-2006-0071 | 1 Gentoo | 2 App-crypt Pinentry, Linux | 2025-04-03 | N/A |
| The ebuild for pinentry before 0.7.2-r2 on Gentoo Linux sets setgid bits for pinentry programs, which allows local users to read or overwrite arbitrary files as gid 0. | ||||
| CVE-2005-4595 | 1 Gentoo | 2 Nview, Xnview | 2025-04-03 | N/A |
| Untrusted search path vulnerability (RPATH) in XnView 1.70 and NView 4.51 on Gentoo Linux allows local users to execute arbitrary code via a malicious library in the current working directory. | ||||
| CVE-2004-1032 | 2 Gentoo, Thibault Godouet | 2 Linux, Fcron | 2025-04-03 | N/A |
| fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitrary files or create arbitrary empty files via a target filename with a large number of leading slash (/) characters such that fcronsighup does not properly append the intended fcrontab.sig to the resulting string. | ||||
| CVE-2005-4279 | 1 Gentoo | 1 Qt-unixodbc | 2025-04-03 | N/A |
| Untrusted search path vulnerability in Qt-UnixODBC before 3.3.4-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH. | ||||
| CVE-2005-3785 | 1 Gentoo | 1 Linux Eix | 2025-04-03 | N/A |
| Second-order symlink vulnerability in eix-sync.in in Ebuild IndeX (eix) before 0.5.0_pre2 allows local users to overwrite arbitrary files via a symlink attack on the exi.X.sync temporary file, which is processed by the diff-eix program. | ||||
| CVE-2004-1027 | 4 Arjsoftware, Debian, Gentoo and 1 more | 4 Unarj, Debian Linux, Linux and 1 more | 2025-04-03 | N/A |
| Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences. | ||||
| CVE-2004-0649 | 2 Gentoo, L2tpd | 2 Linux, L2tpd | 2025-04-03 | N/A |
| Buffer overflow in write_packet in control.c for l2tpd may allow remote attackers to execute arbitrary code. | ||||