Gentoo Linux vulnerabilities
52 known vulnerabilities affecting gentoo/linux.
Total CVEs
52
CISA KEV
0
Public exploits
21
Exploited in wild
2
Severity breakdown
CRITICAL12HIGH23MEDIUM11LOW6
Vulnerabilities
Page 1 of 3
CVE-2003-0694P2CRITICALCVSS 10.0ExploitedPoCv0.5v0.7+3 more2003-10-06
CVE-2003-0694 [CRITICAL] CVE-2003-0694: The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
nvd
CVE-2003-0681P2HIGHCVSS 7.5ExploitedPoCv0.5v0.7+3 more2003-10-06
CVE-2003-0681 [HIGH] CVE-2003-0681: A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rul
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
nvd
CVE-2002-1337P2CRITICALCVSS 10.0PoCv1.42003-03-07
CVE-2002-1337 [CRITICAL] CWE-120 CVE-2002-1337: Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via cer
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
nvd
CVE-2004-0608P3CRITICALCVSS 10.0PoCv1.42004-12-06
CVE-2004-0608 [CRITICAL] CVE-2004-0608: The Unreal Engine, as used in DeusEx 1.112fm and earlier, Devastation 390 and earlier, Mobile Forces
The Unreal Engine, as used in DeusEx 1.112fm and earlier, Devastation 390 and earlier, Mobile Forces 20000 and earlier, Nerf Arena Blast 1.2 and earlier, Postal 2 1337 and earlier, Rune 107 and earlier, Tactical Ops 3.4.0 and earlier, Unreal 1 226f and earlier, Unreal II XMP 7710 and earlier, Unreal Tournament 451b and earlier, Unreal Tournament 2003 2225 a
nvd
CVE-2004-0493P3MEDIUMCVSS 6.4PoCv1.42004-08-06
CVE-2004-0493 [MEDIUM] CVE-2004-0493: The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a deni
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
nvd
CVE-2004-0557P3CRITICALCVSS 10.0PoCv1.42004-08-06
CVE-2004-0557 [CRITICAL] CVE-2004-0557: Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2
Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.
nvd
CVE-2004-0932P3HIGHCVSS 7.5PoCv1.42005-01-27
CVE-2004-0932 [HIGH] CVE-2004-0932: McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4
McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
nvd
CVE-2004-0386P3CRITICALCVSS 10.0PoCv0.5v0.7+3 more2004-05-04
CVE-2004-0386 [CRITICAL] CVE-2004-0386: Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote att
Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header.
nvd
CVE-2004-0333P3CRITICALCVSS 10.0PoCv1.42004-11-23
CVE-2004-0333 [CRITICAL] CVE-2004-0333: Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly
Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote attackers to execute arbitrary code via a MIME archive with certain long MIME parameters.
nvd
CVE-2004-0416P3CRITICALCVSS 10.0PoCv1.42004-08-06
CVE-2004-0416 [CRITICAL] CWE-119 CVE-2004-0416: Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x th
Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.
nvd
CVE-2004-1737P3HIGHCVSS 7.5PoCv1.42004-08-16
CVE-2004-1737 [HIGH] CVE-2004-1737: SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arb
SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters.
nvd
CVE-2004-0933P3HIGHCVSS 7.5PoCv1.42005-01-27
CVE-2004-0933 [HIGH] CVE-2004-0933: Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for t
Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to z
nvd
CVE-2004-1096P3HIGHCVSS 7.5PoCv1.42005-01-10
CVE-2004-1096 [HIGH] CVE-2004-1096: Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows re
Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
nvd
CVE-2004-0935P3HIGHCVSS 7.5PoCv1.42005-01-27
CVE-2004-0935 [HIGH] CVE-2004-0935: Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus prote
Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
nvd
CVE-2004-0937P3HIGHCVSS 7.5PoCv1.42005-02-09
CVE-2004-0937 [HIGH] CVE-2004-0937: Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, all
Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
nvd
CVE-2004-0936P3HIGHCVSS 7.5PoCv1.42005-01-27
CVE-2004-0936 [HIGH] CVE-2004-0936: RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both
RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
nvd
CVE-2004-0934P3HIGHCVSS 7.5PoCv1.42005-01-27
CVE-2004-0934 [HIGH] CVE-2004-0934: Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file wi
Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
nvd
CVE-2004-1471P4HIGHCVSS 7.1PoCv1.42004-12-31
CVE-2004-1471 [HIGH] CVE-2004-1471: Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 al
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.
nvd
CVE-2004-0548P4HIGHCVSS 7.2PoCv1.42004-08-06
CVE-2004-0548 [HIGH] CVE-2004-0548: Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspe
Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the (1) "c" compress option or (2) "d" decompress option.
nvd
CVE-2004-0418P3CRITICALCVSS 10.0v1.42004-08-06
CVE-2004-0418 [CRITICAL] CVE-2004-0418: serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empt
serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.
nvd
1 / 3Next →