Gentoo
gentoo
178 CVEs • 30 products
Products (30)
Click to collapseToggle
Products (30)
Click to collapse
CVEs (178)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
The mtink status monitor before 1.0.5 for Epson printers allows local users to overwrite arbitrary files via a symlink attack on the epson temporary file. |
qpkg in Gentoolkit 0.2.0_pre10 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary directory. |
dispatch-conf in Portage 2.0.51-r2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. |
2Gallery Project Gentoo2Gallery LinuxApr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and earlier allows remote attackers to execute arbitrary web script or HTML via "specially formed URLs," possibly via the include parameter in index.php. |
10Broadcom CaEset Software+7 more22Antivirus Engine Brightstor Arcserve BackupEtrust Antivirus+19 moreApr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, whic...Show more |
3Enlightenment GentooRedhat3Imlib LinuxLinuxApr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbi...Show more |
3Enlightenment GentooRedhat3Imlib LinuxLinuxApr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code v...Show more |
4Cscope DebianGentoo+1 more4Cscope Debian LinuxLinux+1 moreApr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. |
6Gentoo LesstifRedhat+3 more6Fedora Core LesstifLinux+3 moreApr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter...Show more |
Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles. |
4Gentoo KdeOpera+1 more4Kde LinuxOpera Browser+1 moreApr 16, 2026 Dec 31, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. |
6Cvs FreebsdGentoo+3 more6Cvs FreebsdLinux+3 moreApr 16, 2026 Dec 31, 2004 N/A· v4 N/A· v3 7.1 HIGH· v2 Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute a...Show more |
Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions on the init scripts as tomcat:tomcat, but executes the scripts with root privileges, which could allow local users in the tomcat group to execute arbit...Show more |
The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack. |
3Gentoo MandrakesoftSpeedtouch5Linux Mandrake LinuxMandrake Linux Corporate Server+2 moreApr 16, 2026 Dec 23, 2004 N/A· v4 N/A· v3 7.2 HIGH· v2 Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3. |
The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn...Show more |
10Apple AvayaConectiva+7 more19Call Management System Server CvlanIcontrol Service Manager+16 moreApr 16, 2026 Dec 21, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which cau...Show more |
4Ethereal Group GentooMandrakesoft+1 more5Enterprise Linux EtherealLinux+2 moreApr 16, 2026 Dec 6, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read. |
4Ethereal Group GentooMandrakesoft+1 more5Enterprise Linux EtherealLinux+2 moreApr 16, 2026 Dec 6, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference. |
4Ethereal Group GentooMandrakesoft+1 more5Enterprise Linux EtherealLinux+2 moreApr 16, 2026 Dec 6, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow. |