Gentoo Linux Security Advisories

GLSA 200502-05 (normal) - Newspost: Buffer overflow vulnerability
A buffer overflow can be exploited to crash Newspost remotely and potentially execute arbitrary code.
GLSA 200502-04 (normal) - Squid: Multiple vulnerabilities
Squid contains vulnerabilities in the code handling WCCP, HTTP and LDAP which could lead to Denial of Service, access control bypass, web cache and log poisoning.
GLSA 200502-03 (normal) - enscript: Multiple vulnerabilities
enscript suffers from vulnerabilities and design flaws, potentially resulting in the execution of arbitrary code.
GLSA 200502-02 (normal) - UW IMAP: CRAM-MD5 authentication bypass
UW IMAP contains a vulnerability in the code handling CRAM-MD5 authentication allowing authentication bypass.
GLSA 200502-01 (normal) - FireHOL: Insecure temporary file creation
FireHOL is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.
GLSA 200501-46 (normal) - ClamAV: Multiple issues
ClamAV contains two vulnerabilities that could lead to Denial of Service and evasion of virus scanning.
GLSA 200501-45 (low) - Gallery: Cross-site scripting vulnerability
Gallery is vulnerable to cross-site scripting attacks.
GLSA 200501-44 (normal) - ncpfs: Multiple vulnerabilities
The ncpfs utilities contain multiple flaws, potentially resulting in the remote execution of arbitrary code or local file access with elevated privileges.
GLSA 200501-43 (normal) - f2c: Insecure temporary file creation
f2c is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.
GLSA 200501-42 (normal) - VDR: Arbitrary file overwriting issue
VDR insecurely accesses files with elevated privileges, which may result in the overwriting of arbitrary files.
GLSA 200501-41 (high) - TikiWiki: Arbitrary command execution
A bug in TikiWiki allows certain users to upload and execute malicious PHP scripts.
GLSA 200501-40 (high) - ngIRCd: Buffer overflow
ngIRCd is vulnerable to a buffer overflow that can be used to crash the daemon and possibly execute arbitrary code.
GLSA 200501-39 (high) - SquirrelMail: Multiple vulnerabilities
SquirrelMail fails to properly sanitize user input, which could lead to arbitrary code execution and compromise webmail accounts.
GLSA 200501-38 (normal) - Perl: rmtree and DBI tmpfile vulnerabilities
The Perl DBI library and File::Path::rmtree function are vulnerable to symlink attacks.
GLSA 200501-37 (normal) - GraphicsMagick: PSD decoding heap overflow
GraphicsMagick is vulnerable to a heap overflow when decoding Photoshop Document (PSD) files, which could lead to arbitrary code execution.
GLSA 200501-36 (high) - AWStats: Remote code execution
AWStats fails to validate certain input, which could lead to the remote execution of arbitrary code or to the leak of information.
GLSA 200501-35 (high) - Evolution: Integer overflow in camel-lock-helper
An overflow in the camel-lock-helper application can be exploited by an attacker to execute arbitrary code with elevated privileges.
GLSA 200501-34 (normal) - Konversation: Various vulnerabilities
Konversation contains multiple vulnerabilities that could lead to remote command execution or information leaks.
GLSA 200501-33 (normal) - MySQL: Insecure temporary file creation
MySQL is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.
GLSA 200501-32 (normal) - KPdf, KOffice: Stack overflow in included Xpdf code
KPdf and KOffice both include vulnerable Xpdf code to handle PDF files, making them vulnerable to the execution of arbitrary code.
