Total
159 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-12087 | 8 Almalinux, Archlinux, Gentoo and 5 more | 18 Almalinux, Arch Linux, Linux and 15 more | 2025-12-22 | N/A | 6.5 MEDIUM |
|
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server c ...
Show More |
|||||
| CVE-2024-12085 | 8 Almalinux, Archlinux, Gentoo and 5 more | 22 Almalinux, Arch Linux, Linux and 19 more | 2025-11-20 | N/A | 7.5 HIGH |
|
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.
|
|||||
| CVE-2024-12088 | 8 Almalinux, Archlinux, Gentoo and 5 more | 20 Almalinux, Arch Linux, Linux and 17 more | 2025-11-03 | N/A | 6.5 MEDIUM |
|
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.
|
|||||
| CVE-2024-12086 | 8 Almalinux, Archlinux, Gentoo and 5 more | 9 Almalinux, Arch Linux, Linux and 6 more | 2025-11-03 | N/A | 6.1 MEDIUM |
|
A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byt ...
Show More |
|||||
| CVE-2024-12084 | 8 Almalinux, Archlinux, Gentoo and 5 more | 8 Almalinux, Arch Linux, Linux and 5 more | 2025-11-03 | N/A | 9.8 CRITICAL |
|
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.
|
|||||
| CVE-2017-15945 | 3 Gentoo, Mariadb, Mysql | 3 Linux, Mariadb, Mysql | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
|
The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev-db/mysql-cluster, and dev-db/mariadb-galera packages before 2017-09-29 have chown calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to the mysql account for creation of a link.
|
|||||
| CVE-2017-14730 | 2 Elasticsearch, Gentoo | 2 Logstash, Linux | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
|
The init script in the Gentoo app-admin/logstash-bin package before 5.5.3 and 5.6.x before 5.6.1 has "chown -R" calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to a $LS_USER account for creation of a hard link.
|
|||||
| CVE-2014-4909 | 4 Canonical, Fedoraproject, Gentoo and 1 more | 4 Ubuntu Linux, Fedora, Linux and 1 more | 2025-04-12 | 6.8 MEDIUM | N/A |
|
Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.
|
|||||
| CVE-2013-2031 | 2 Gentoo, Mediawiki | 2 Linux, Mediawiki | 2025-04-11 | 4.3 MEDIUM | N/A |
|
MediaWiki before 1.19.6 and 1.20.x before 1.20.5 allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by a CDATA section containing valid UTF-7 encoded sequences in a SVG file, which is then incorrectly interpreted as UTF-8 by Chrome and Firefox.
|
|||||
| CVE-2013-2032 | 3 Fedoraproject, Gentoo, Mediawiki | 3 Fedora, Linux, Mediawiki | 2025-04-11 | 5.0 MEDIUM | N/A |
|
MediaWiki before 1.19.6 and 1.20.x before 1.20.5 does not allow extensions to prevent password changes without using both Special:PasswordReset and Special:ChangePassword, which allows remote attackers to bypass the intended restrictions of an extension that only implements one of these blocks.
|
|||||
| CVE-2013-0348 | 5 Acme, Fedoraproject, Gentoo and 2 more | 5 Thttpd, Fedora, Linux and 2 more | 2025-04-11 | 2.1 LOW | N/A |
|
thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.
|
|||||
| CVE-2011-1549 | 1 Gentoo | 2 Linux, Logrotate | 2025-04-11 | 6.3 MEDIUM | N/A |
|
The default configuration of logrotate on Gentoo Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by directories under /var/log/ for packages.
|
|||||
| CVE-2010-1159 | 2 Aircrack-ng, Gentoo | 2 Aircrack-ng, Linux | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or (2) long EAPOL packet.
|
|||||
| CVE-2006-7094 | 3 Debian, Ftpd, Gentoo | 3 Debian Linux, Ftpd, Linux | 2025-04-09 | 8.5 HIGH | N/A |
|
ftpd, as used by Gentoo and Debian Linux, sets the gid to the effective uid instead of the effective group id before executing /bin/ls, which allows remote authenticated users to list arbitrary directories with the privileges of gid 0 and possibly enable additional attack vectors.
|
|||||
| CVE-2007-0476 | 1 Gentoo | 1 Linux | 2025-04-09 | 4.6 MEDIUM | N/A |
|
The gencert.sh script, when installing OpenLDAP before 2.1.30-r10, 2.2.x before 2.2.28-r7, and 2.3.x before 2.3.30-r2 as an ebuild in Gentoo Linux, does not create temporary directories in /tmp securely during emerge, which allows local users to overwrite arbitrary files via a symlink attack.
|
|||||
| CVE-2008-1078 | 2 Gentoo, Rpath | 2 Linux, Rpath Linux | 2025-04-09 | 7.2 HIGH | N/A |
|
expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1.
|
|||||
| CVE-2008-1734 | 1 Gentoo | 2 Linux, Php Toolkit | 2025-04-09 | 3.6 LOW | N/A |
|
Interpretation conflict in PHP Toolkit before 1.0.1 on Gentoo Linux might allow local users to cause a denial of service (PHP outage) and read contents of PHP scripts by creating a file with a one-letter lowercase alphabetic name, which triggers interpretation of a certain unquoted [a-z] argument as a matching shell glob for this name, rather than interpretation as the literal [a-z] regular-expression string, and consequently blocks the launch of the PHP interpreter within the Apache HTTP Server ...
Show More |
|||||
| CVE-2007-1856 | 2 Gentoo, Paul Vixie | 2 Linux, Vixie Cron | 2025-04-09 | 2.1 LOW | N/A |
|
Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service (cron failure) by creating hard links, which results in a failed st_nlink check in database.c.
|
|||||
| CVE-2008-1383 | 1 Gentoo | 1 Linux | 2025-04-09 | 1.9 LOW | N/A |
|
The docert function in ssl-cert.eclass, when used by src_compile or src_install on Gentoo Linux, stores the SSL key in a binpkg, which allows local users to extract the key from the binpkg, and causes multiple systems that use this binpkg to have the same SSL key and certificate.
|
|||||
| CVE-2007-1049 | 2 Gentoo, Wordpress | 2 Linux, Wordpress | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in the wp_explain_nonce function in the nonce AYS functionality (wp-includes/functions.php) for WordPress 2.0 before 2.0.9 and 2.1 before 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the file parameter to wp-admin/templates.php, and possibly other vectors involving the action variable.
|
|||||
| CVE-2008-1292 | 3 Gentoo, Redhat, Viewvc | 3 Linux, Fedora, Viewvc | 2025-04-09 | 4.3 MEDIUM | N/A |
|
ViewVC before 1.0.5 provides revision metadata without properly checking whether access was intended, which allows remote attackers to obtain sensitive information by reading (1) forbidden pathnames in the revision view, (2) log history that can only be reached by traversing a forbidden object, or (3) forbidden diff view path parameters.
|
|||||
| CVE-2008-1290 | 3 Gentoo, Redhat, Viewvc | 3 Linux, Fedora, Viewvc | 2025-04-09 | 4.3 MEDIUM | N/A |
|
ViewVC before 1.0.5 includes "all-forbidden" files within search results that list CVS or Subversion (SVN) commits, which allows remote attackers to obtain sensitive information.
|
|||||
| CVE-2007-3532 | 2 Gentoo, Nvidia | 2 Linux, Video Driver | 2025-04-09 | 7.2 HIGH | N/A |
|
NVIDIA drivers (nvidia-drivers) before 1.0.7185, 1.0.9639, and 100.14.11, as used in Gentoo Linux and possibly other distributions, creates /dev/nvidia* device files with insecure permissions, which allows local users to modify video card settings, cause a denial of service (crash or physical video card damage), and obtain sensitive information.
|
|||||
| CVE-2008-1291 | 3 Gentoo, Redhat, Viewvc | 3 Linux, Fedora, Viewvc | 2025-04-09 | 4.3 MEDIUM | N/A |
|
ViewVC before 1.0.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read files and list folders under the hidden CVSROOT folder.
|
|||||
| CVE-2008-1880 | 2 Firebird, Gentoo | 2 Firebird, Linux | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The default configuration of Firebird before 2.0.3.12981.0-r6 on Gentoo Linux sets the ISC_PASSWORD environment variable before starting Firebird, which allows remote attackers to bypass SYSDBA authentication and obtain sensitive database information via an empty password.
|
|||||
| CVE-2007-3531 | 1 Gentoo | 2 Linux, Nvclock | 2025-04-09 | 6.6 MEDIUM | N/A |
|
The set_default_speeds function in backend/backend.c in NVidia NVClock before 0.8b2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvclock temporary file.
|
|||||
| CVE-2008-6756 | 2 Gentoo, Zoneminder | 2 Linux, Zoneminder | 2025-04-09 | 2.1 LOW | N/A |
|
ZoneMinder 1.23.3 on Gentoo Linux uses 0644 permissions for /etc/zm.conf, which allows local users to obtain the database username and password by reading this file.
|
|||||
| CVE-2007-6337 | 2 Clam Anti-virus, Gentoo | 2 Clamav, Linux | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the bzip2 decompression algorithm in nsis/bzlib_private.h in ClamAV before 0.92 has unknown impact and remote attack vectors.
|
|||||
| CVE-2007-6249 | 1 Gentoo | 2 Linux, Portage | 2025-04-09 | 2.1 LOW | N/A |
|
etc-update in Portage before 2.1.3.11 on Gentoo Linux relies on the umask to set permissions for the merge file, often resulting in permissions weaker than those of the original files, which might allow local users to obtain sensitive information by reading the merge file.
|
|||||
| CVE-2007-4137 | 6 Conectiva, Gentoo, Mandrakesoft and 3 more | 8 Linux, Linux, Mandrake Linux and 5 more | 2025-04-09 | 7.5 HIGH | N/A |
|
Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.
|
|||||
| CVE-2007-1500 | 1 Gentoo | 1 Linux | 2025-04-09 | 4.3 MEDIUM | N/A |
|
The Linux Security Auditing Tool (LSAT) allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using /tmp/lsat1.lsat.
|
|||||
| CVE-2007-2173 | 2 Double Precision Incorporated, Gentoo | 2 Courier-imap, Linux | 2025-04-09 | 10.0 HIGH | N/A |
|
Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
|
|||||
| CVE-2004-0333 | 4 Gentoo, Openpkg, Uudeview and 1 more | 4 Linux, Openpkg, Uudeview and 1 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote attackers to execute arbitrary code via a MIME archive with certain long MIME parameters.
|
|||||
| CVE-2006-0071 | 1 Gentoo | 2 App-crypt Pinentry, Linux | 2025-04-03 | 6.6 MEDIUM | N/A |
|
The ebuild for pinentry before 0.7.2-r2 on Gentoo Linux sets setgid bits for pinentry programs, which allows local users to read or overwrite arbitrary files as gid 0.
|
|||||
| CVE-2004-0881 | 3 Gentoo, Getmail, Slackware | 3 Linux, Getmail, Slackware Linux | 2025-04-03 | 2.1 LOW | N/A |
|
getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir.
|
|||||
| CVE-2004-1176 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
|
|||||
| CVE-2004-1093 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory."
|
|||||
| CVE-2004-1471 | 6 Cvs, Freebsd, Gentoo and 3 more | 6 Cvs, Freebsd, Linux and 3 more | 2025-04-03 | 7.1 HIGH | N/A |
|
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.
|
|||||
| CVE-2006-3005 | 1 Gentoo | 2 Linux, Media-libs Jpeg | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The JPEG library in media-libs/jpeg before 6b-r7 on Gentoo Linux is built without the -maxmem feature, which could allow context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted JPEG file that exceeds the intended memory limits.
|
|||||
| CVE-2004-1901 | 1 Gentoo | 2 Linux, Portage | 2025-04-03 | 4.6 MEDIUM | 5.5 MEDIUM |
|
Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles.
|
|||||