Vulnerabilities (CVE)

Filtered by vendor Gentoo Subscribe
Total 193 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-0418 5 Cvs, Gentoo, Openbsd and 2 more 5 Cvs, Linux, Openbsd and 2 more 2025-04-03 10.0 HIGH N/A
serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.
CVE-2004-0649 2 Gentoo, L2tpd 2 Linux, L2tpd 2025-04-03 10.0 HIGH N/A
Buffer overflow in write_packet in control.c for l2tpd may allow remote attackers to execute arbitrary code.
CVE-2004-0933 11 Archive Zip, Broadcom, Ca and 8 more 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more 2025-04-03 7.5 HIGH N/A
Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
CVE-2004-1161 2 Gentoo, Rssh 2 Linux, Rssh 2025-04-03 7.5 HIGH N/A
rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via (1) rdist -P, (2) rsync, or (3) scp -S.
CVE-2005-0206 15 Ascii, Cstex, Debian and 12 more 22 Ptex, Cstetex, Debian Linux and 19 more 2025-04-03 7.5 HIGH N/A
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
CVE-2004-0809 8 Apache, Debian, Gentoo and 5 more 12 Http Server, Debian Linux, Linux and 9 more 2025-04-03 5.0 MEDIUM N/A
The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.
CVE-2004-0749 2 Gentoo, Subversion 2 Linux, Subversion 2025-04-03 5.0 MEDIUM N/A
The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other commands that follow renames.
CVE-2004-0889 11 Debian, Easy Software Products, Gentoo and 8 more 16 Debian Linux, Cups, Linux and 13 more 2025-04-03 10.0 HIGH N/A
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
CVE-2004-1092 6 Debian, Gentoo, Midnight Commander and 3 more 8 Debian Linux, Linux, Midnight Commander and 5 more 2025-04-03 5.0 MEDIUM N/A
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory.
CVE-2004-1030 2 Gentoo, Thibault Godouet 2 Linux, Fcron 2025-04-03 2.1 LOW N/A
fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message.
CVE-2004-1025 3 Enlightenment, Gentoo, Redhat 3 Imlib, Linux, Linux 2025-04-03 10.0 HIGH N/A
Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.
CVE-2004-1901 1 Gentoo 2 Linux, Portage 2025-04-03 4.6 MEDIUM 5.5 MEDIUM
Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles.
CVE-2004-1304 3 File, Gentoo, Trustix 3 File, Linux, Secure Linux 2025-04-03 10.0 HIGH N/A
Stack-based buffer overflow in the ELF header parsing code in file before 4.12 allows attackers to execute arbitrary code via a crafted ELF file.
CVE-2002-1337 7 Gentoo, Hp, Netbsd and 4 more 9 Linux, Alphaserver Sc, Hp-ux and 6 more 2025-04-03 10.0 HIGH N/A
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
CVE-2004-1491 4 Gentoo, Kde, Opera and 1 more 4 Linux, Kde, Opera Browser and 1 more 2025-04-03 5.0 MEDIUM N/A
Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry.
CVE-2004-0996 4 Cscope, Debian, Gentoo and 1 more 4 Cscope, Debian Linux, Linux and 1 more 2025-04-03 2.1 LOW N/A
main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
CVE-2004-1176 6 Debian, Gentoo, Midnight Commander and 3 more 8 Debian Linux, Linux, Midnight Commander and 5 more 2025-04-03 7.5 HIGH N/A
Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2006-0071 1 Gentoo 2 App-crypt Pinentry, Linux 2025-04-03 6.6 MEDIUM N/A
The ebuild for pinentry before 0.7.2-r2 on Gentoo Linux sets setgid bits for pinentry programs, which allows local users to read or overwrite arbitrary files as gid 0.
CVE-2005-1121 2 Gentoo, Igor Khasilev 2 Linux, Oops Proxy Server 2025-04-03 5.0 MEDIUM N/A
Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL.
CVE-2004-0936 11 Archive Zip, Broadcom, Ca and 8 more 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more 2025-04-03 7.5 HIGH N/A
RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.