Export limit exceeded: 357322 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (199 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0932 | 11 Archive Zip, Broadcom, Ca and 8 more | 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more | 2026-04-16 | N/A |
| McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | ||||
| CVE-2004-0934 | 11 Archive Zip, Broadcom, Ca and 8 more | 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more | 2026-04-16 | N/A |
| Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | ||||
| CVE-2024-12088 | 8 Almalinux, Archlinux, Gentoo and 5 more | 21 Almalinux, Arch Linux, Linux and 18 more | 2026-04-14 | 6.5 Medium |
| A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory. | ||||
| CVE-2024-12087 | 8 Almalinux, Archlinux, Gentoo and 5 more | 26 Almalinux, Arch Linux, Linux and 23 more | 2026-04-14 | 6.5 Medium |
| A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client. | ||||
| CVE-2024-12084 | 8 Almalinux, Archlinux, Gentoo and 5 more | 9 Almalinux, Arch Linux, Linux and 6 more | 2026-02-26 | 9.8 Critical |
| A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer. | ||||
| CVE-2024-36451 | 2 Gentoo, Webmin | 2 Webmin, Webmin | 2025-10-08 | 8.8 High |
| Improper handling of insufficient permissions or privileges vulnerability exists in ajaxterm module of Webmin prior to 2.003. If this vulnerability is exploited, a console session may be hijacked by an unauthorized user. As a result, data within a system may be referred, a webpage may be altered, or a server may be permanently halted. | ||||
| CVE-2020-36770 | 1 Gentoo | 1 Ebuild For Slurm | 2025-06-20 | 7.8 High |
| pkg_postinst in the Gentoo ebuild for Slurm through 22.05.3 unnecessarily calls chown to assign root's ownership on files in the live root filesystem. This could be exploited by the slurm user to become the owner of root-owned files. | ||||
| CVE-2016-20021 | 1 Gentoo | 1 Portage | 2025-06-03 | 9.8 Critical |
| In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable. | ||||
| CVE-2017-14730 | 2 Elasticsearch, Gentoo | 2 Logstash, Linux | 2025-04-20 | N/A |
| The init script in the Gentoo app-admin/logstash-bin package before 5.5.3 and 5.6.x before 5.6.1 has "chown -R" calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to a $LS_USER account for creation of a hard link. | ||||
| CVE-2004-2778 | 1 Gentoo | 1 Portage | 2025-04-20 | N/A |
| Ebuild in Gentoo may change directory and file permissions depending on the order of installed packages, which allows local users to read or write to restricted directories or execute restricted commands via navigating to the affected directories, or executing the affected commands. | ||||
| CVE-2017-15945 | 3 Gentoo, Mariadb, Mysql | 3 Linux, Mariadb, Mysql | 2025-04-20 | N/A |
| The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev-db/mysql-cluster, and dev-db/mariadb-galera packages before 2017-09-29 have chown calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to the mysql account for creation of a link. | ||||
| CVE-2017-14484 | 1 Gentoo | 1 Sci-mathematics-gimps | 2025-04-20 | N/A |
| The Gentoo sci-mathematics/gimps package before 28.10-r1 for Great Internet Mersenne Prime Search (GIMPS) allows local users to gain privileges by creating a hard link under /var/lib/gimps, because an unsafe "chown -R" command is executed. | ||||
| CVE-2017-14483 | 1 Gentoo | 1 Dev-python-flower | 2025-04-20 | N/A |
| flower.initd in the Gentoo dev-python/flower package before 0.9.1-r1 for Celery Flower sets PID file ownership to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command. | ||||
| CVE-2013-4223 | 1 Gentoo | 1 Nullmailer | 2025-04-12 | N/A |
| The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file. | ||||
| CVE-2014-9622 | 1 Gentoo | 1 Xdg-utils | 2025-04-12 | N/A |
| Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open. | ||||
| CVE-2014-4909 | 4 Canonical, Fedoraproject, Gentoo and 1 more | 4 Ubuntu Linux, Fedora, Linux and 1 more | 2025-04-12 | N/A |
| Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write. | ||||
| CVE-2013-2100 | 1 Gentoo | 1 Portage | 2025-04-12 | N/A |
| The urlopen function in pym/portage/util/_urlopen.py in Gentoo Portage 2.1.12, when using HTTPS, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and modify binary package lists via a crafted certificate. | ||||
| CVE-2023-28424 | 1 Gentoo | 1 Soko | 2025-04-11 | 9.1 Critical |
| Soko if the code that powers packages.gentoo.org. Prior to version 1.0.2, the two package search handlers, `Search` and `SearchFeed`, implemented in `pkg/app/handler/packages/search.go`, are affected by a SQL injection via the `q` parameter. As a result, unauthenticated attackers can execute arbitrary SQL queries on `https://packages.gentoo.org/`. It was also demonstrated that primitive was enough to gain code execution in the context of the PostgreSQL container. The issue was addressed in commit `4fa6e4b619c0362728955b6ec56eab0e0cbf1e23y` of version 1.0.2 using prepared statements to interpolate user-controlled data in SQL queries. | ||||
| CVE-2011-1098 | 2 Gentoo, Redhat | 2 Logrotate, Enterprise Linux | 2025-04-11 | N/A |
| Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the intended permissions are in place. | ||||
| CVE-2010-1159 | 2 Aircrack-ng, Gentoo | 2 Aircrack-ng, Linux | 2025-04-11 | N/A |
| Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or (2) long EAPOL packet. | ||||