Search Results (199 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-1292 3 Gentoo, Redhat, Viewvc 3 Linux, Fedora, Viewvc 2026-04-23 N/A
ViewVC before 1.0.5 provides revision metadata without properly checking whether access was intended, which allows remote attackers to obtain sensitive information by reading (1) forbidden pathnames in the revision view, (2) log history that can only be reached by traversing a forbidden object, or (3) forbidden diff view path parameters.
CVE-2008-4394 1 Gentoo 1 Portage 2026-04-23 N/A
Multiple untrusted search path vulnerabilities in Portage before 2.1.4.5 include the current working directory in the Python search path, which allows local users to execute arbitrary code via a modified Python module that is loaded by the (1) ys-apps/portage, (2) net-mail/fetchmail, (3) app-editors/leo ebuilds, and other ebuilds.
CVE-2007-4137 6 Conectiva, Gentoo, Mandrakesoft and 3 more 8 Linux, Linux, Mandrake Linux and 5 more 2026-04-23 N/A
Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.
CVE-2007-0476 1 Gentoo 1 Linux 2026-04-23 N/A
The gencert.sh script, when installing OpenLDAP before 2.1.30-r10, 2.2.x before 2.2.28-r7, and 2.3.x before 2.3.30-r2 as an ebuild in Gentoo Linux, does not create temporary directories in /tmp securely during emerge, which allows local users to overwrite arbitrary files via a symlink attack.
CVE-2007-6337 2 Clam Anti-virus, Gentoo 2 Clamav, Linux 2026-04-23 N/A
Unspecified vulnerability in the bzip2 decompression algorithm in nsis/bzlib_private.h in ClamAV before 0.92 has unknown impact and remote attack vectors.
CVE-2008-1291 3 Gentoo, Redhat, Viewvc 3 Linux, Fedora, Viewvc 2026-04-23 N/A
ViewVC before 1.0.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read files and list folders under the hidden CVSROOT folder.
CVE-2007-2173 2 Double Precision Incorporated, Gentoo 2 Courier-imap, Linux 2026-04-23 N/A
Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
CVE-2007-3531 1 Gentoo 2 Linux, Nvclock 2026-04-23 N/A
The set_default_speeds function in backend/backend.c in NVidia NVClock before 0.8b2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvclock temporary file.
CVE-2008-0386 2 Gentoo, Mandrakesoft 2 Xdg-utils, Mandrake Linux 2026-04-23 N/A
Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to (1) xdg-open or (2) xdg-email.
CVE-2008-1383 1 Gentoo 1 Linux 2026-04-23 N/A
The docert function in ssl-cert.eclass, when used by src_compile or src_install on Gentoo Linux, stores the SSL key in a binpkg, which allows local users to extract the key from the binpkg, and causes multiple systems that use this binpkg to have the same SSL key and certificate.
CVE-2007-1500 1 Gentoo 1 Linux 2026-04-23 N/A
The Linux Security Auditing Tool (LSAT) allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using /tmp/lsat1.lsat.
CVE-2007-2026 2 Amavis, Gentoo 2 Virus Scanner, File 2026-04-23 N/A
The gnu regular expression code in file 4.20 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted document with a large number of line feed characters, which is not well handled by OS/2 REXX regular expressions that use wildcards, as originally reported for AMaViS.
CVE-2008-1290 3 Gentoo, Redhat, Viewvc 3 Linux, Fedora, Viewvc 2026-04-23 N/A
ViewVC before 1.0.5 includes "all-forbidden" files within search results that list CVS or Subversion (SVN) commits, which allows remote attackers to obtain sensitive information.
CVE-2008-1880 2 Firebird, Gentoo 2 Firebird, Linux 2026-04-23 N/A
The default configuration of Firebird before 2.0.3.12981.0-r6 on Gentoo Linux sets the ISC_PASSWORD environment variable before starting Firebird, which allows remote attackers to bypass SYSDBA authentication and obtain sensitive database information via an empty password.
CVE-2004-0947 4 Arj Software Inc., Gentoo, Redhat and 1 more 4 Unarj, Linux, Enterprise Linux and 1 more 2026-04-16 N/A
Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames.
CVE-2004-0937 11 Archive Zip, Broadcom, Ca and 8 more 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more 2026-04-16 N/A
Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
CVE-2004-0414 6 Cvs, Gentoo, Openbsd and 3 more 6 Cvs, Linux, Openbsd and 3 more 2026-04-16 N/A
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.
CVE-2004-0936 11 Archive Zip, Broadcom, Ca and 8 more 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more 2026-04-16 N/A
RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
CVE-2004-0935 11 Archive Zip, Broadcom, Ca and 8 more 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more 2026-04-16 N/A
Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
CVE-2005-4595 1 Gentoo 2 Nview, Xnview 2026-04-16 N/A
Untrusted search path vulnerability (RPATH) in XnView 1.70 and NView 4.51 on Gentoo Linux allows local users to execute arbitrary code via a malicious library in the current working directory.