CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36770 – Gentoo Linux Security Advisory 202409-16
https://notcve.org/view.php?id=CVE-2020-36770
15 Jan 2024 — pkg_postinst in the Gentoo ebuild for Slurm through 22.05.3 unnecessarily calls chown to assign root's ownership on files in the live root filesystem. This could be exploited by the slurm user to become the owner of root-owned files. pkg_postinst en Gentoo ebuild para Slurm hasta 22.05.3 llama innecesariamente a chown para asignar la propiedad de root a los archivos en el sistema de archivos root activo. Esto podría ser aprovechado por el usuario de slurm para convertirse en propietario de los archivos de p... • https://bugs.gentoo.org/631552 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-20021 – Gentoo Linux Security Advisory 202409-01
https://notcve.org/view.php?id=CVE-2016-20021
12 Jan 2024 — In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable. En Gentoo Portage anterior a 3.0.47, falta la validación PGP del código ejecutado: el emerge-webrsync independiente descarga un archivo .gpgsig pero no realiza la verificación de firma. A vulnerability has been discovered in Portage, where PGP signatures would not be v... • https://bugs.gentoo.org/597800 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 5.9EPSS: 78%CPEs: 79EXPL: 3CVE-2023-48795 – ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
https://notcve.org/view.php?id=CVE-2023-48795
18 Dec 2023 — The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phas... • https://packetstorm.news/files/id/176280 • CWE-222: Truncation of Security-relevant Information CWE-354: Improper Validation of Integrity Check Value •
CVSS: 10.0EPSS: 4%CPEs: 1EXPL: 0CVE-2023-28424 – Soko SQL Injection vulnerability
https://notcve.org/view.php?id=CVE-2023-28424
20 Mar 2023 — Soko if the code that powers packages.gentoo.org. Prior to version 1.0.2, the two package search handlers, `Search` and `SearchFeed`, implemented in `pkg/app/handler/packages/search.go`, are affected by a SQL injection via the `q` parameter. As a result, unauthenticated attackers can execute arbitrary SQL queries on `https://packages.gentoo.org/`. It was also demonstrated that primitive was enough to gain code execution in the context of the PostgreSQL container. The issue was addressed in commit `4fa6e4b61... • https://github.com/gentoo/soko/security/advisories/GHSA-gc2x-86p3-mxg2 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-26033 – Gentoo soko contains DoS attack based on SQL Injection
https://notcve.org/view.php?id=CVE-2023-26033
24 Feb 2023 — Gentoo soko is the code that powers packages.gentoo.org. Versions prior to 1.0.1 are vulnerable to SQL Injection, leading to a Denial of Service. If the user selects (in user preferences) the "Recently Visited Packages" view for the index page, the value of the `search_history` cookie is used as a base64 encoded comma separated list of atoms. These are string loaded directly into the SQL query with `atom = '%s'` format string. As a result, any user can modify the browser's cookie value and inject most SQL q... • https://github.com/gentoo/soko/security/advisories/GHSA-gp8g-jfq9-5q2g • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-23220 – Gentoo Linux Security Advisory 202310-15
https://notcve.org/view.php?id=CVE-2022-23220
21 Jan 2022 — USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute arbitrary code as root because certain Polkit settings (e.g., allow_any=yes) for pkexec disable the authentication requirement. Code execution can, for example, use the --gtk-module option. This affects Ubuntu, Debian, and Gentoo. USBView versiones 2.1 anteriores a 2.2, permite a algunos usuarios locales (por ejemplo, los que son conectados por SSH) ejecutar código arbitrario como root porque determinadas configuracione... • http://www.openwall.com/lists/oss-security/2022/01/22/1 • CWE-306: Missing Authentication for Critical Function •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2019-20384
https://notcve.org/view.php?id=CVE-2019-20384
20 Jan 2020 — Gentoo Portage through 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64/nagios/plugins directory by leveraging access to the nagios user account, because this directory is writable in between a call to emake and a call to fowners. Gentoo Portage versiones hasta 2.3.84, permite a usuarios locales colocar un complemento de tipo caballo de Troya en el directorio /usr/lib64/nagios/plugins al aprovechar el acceso a la cuenta de usuario nagios, porque este directorio es escribible entre ... • http://www.openwall.com/lists/oss-security/2020/01/21/1 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-18284 – Gentoo Linux Security Advisory 201806-03
https://notcve.org/view.php?id=CVE-2017-18284
04 Jun 2018 — The Gentoo app-backup/burp package before 2.1.32 sets the ownership of the PID file directory to the burp account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script sends a SIGKILL. El paquete app-backup/burp de Gentoo, en versiones anteriores a la 2.1.32, establece la propiedad del directorio de archivos PID en la cuenta burp, lo que podría permitir que usuarios locales finalicen procesos arbitrarios aprovechando el... • https://bugs.gentoo.org/628770 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-18285 – Gentoo Linux Security Advisory 201904-05
https://notcve.org/view.php?id=CVE-2017-18285
04 Jun 2018 — The Gentoo app-backup/burp package before 2.1.32 has incorrect group ownership of the /etc/burp directory, which might allow local users to obtain read and write access to arbitrary files by leveraging access to a certain account for a burp-server.conf change. El paquete app-backup/burp de Gentoo, en versiones anteriores a la 2.1.32, tiene la propiedad incorrecta del directorio /etc/burp, que podría permitir que usuarios locales obtengan acceso de lectura y escritura a archivos arbitrarios aprovechando el a... • https://bugs.gentoo.org/641842 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-18225 – Gentoo Linux Security Advisory 201803-07
https://notcve.org/view.php?id=CVE-2017-18225
12 Mar 2018 — The Gentoo net-im/jabberd2 package through 2.6.1 installs jabberd, jabberd2-c2s, jabberd2-router, jabberd2-s2s, and jabberd2-sm in /usr/bin owned by the jabber account, which might allow local users to gain privileges by leveraging access to this account and then waiting for root to execute one of these programs. El paquete net-im/jabberd2 de Gentoo, hasta la versión 2.6.1, instala jabberd, jabberd2-c2s, jabberd2-router, jabberd2-s2s y jabberd2-sm en /usr/bin, propiedad de la cuenta jabber. Esto podría perm... • https://bugs.gentoo.org/629412 • CWE-732: Incorrect Permission Assignment for Critical Resource •