Where
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how gentoo compares to other vendors in security performance

View Risk Score →

xmlrpc-c bundles a (very old and) vulnerable copy of libexpat

First published (updated )
https://seclists.org/oss-sec/2025/q2/33

BleepingComputerOver 660,000 Rsync servers exposed to code execution attacks

Exploited
First published (updated )
News
BleepingComputer

redhat Enterprise LinuxRsync: --safe-links option bypass leads to path traversal

Risk 65
Severity
7.5
Exploited
First published (updated )
CVE-2024-12088

AlmaLinux AlmalinuxRsync: path traversal vulnerability in rsync

Risk 65
Severity
7.5
Exploited
First published (updated )
CVE-2024-12087

redhat Enterprise LinuxRsync: rsync server leaks arbitrary client files

Risk 65
Severity
6.8
Exploited
First published (updated )
CVE-2024-12086
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

redhat Enterprise Linux Server For Power Little Endian Update Services For Sap SolutionsRsync: info leak via uninitialized stack contents

Risk 65
Severity
7.5
Exploited
First published (updated )
CVE-2024-12085

Samba rsyncrsync security updates

Risk 99
Severity
9.8
Exploited
First published (updated )
CVE-2024-12084

Gentoo ebuild for Slurmpkg_postinst in the Gentoo ebuild for Slurm through 22.05.3 unnecessarily calls chown to assign root…

Risk 86
Severity
9.8
First published (updated )
CVE-2020-36770

pip/portageIn Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone em…

Risk 89
Severity
9.8
First published (updated )
CVE-2016-20021

Fortinet FortiSIEMOpenSSH Terrapin attack (CVE-2023-48795)

Risk 37
Severity
6
First published (updated )
CVE-2023-48795
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Gentoo SokoSoko SQL Injection vulnerability

Risk 86
Severity
9.8
First published (updated )
CVE-2023-28424

Gentoo SokoGentoo soko contains DoS attack based on SQL Injection

Risk 66
Severity
9.1
First published (updated )
CVE-2023-26033

debian/usbviewUSBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute arbitrary c…

Risk 69
Severity
7.8
First published (updated )
CVE-2022-23220

Gentoo portageRace Condition

Risk 32
Severity
5.5
First published (updated )
CVE-2019-20384

Burp Project BurpThe Gentoo app-backup/burp package before 2.1.32 has incorrect group ownership of the /etc/burp dire…

Risk 52
Severity
7.1
First published (updated )
CVE-2017-18285
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Burp Project BurpThe Gentoo app-backup/burp package before 2.1.32 sets the ownership of the PID file directory to the…

Risk 52
Severity
7.1
First published (updated )
CVE-2017-18284

jabberd2 jabberd2The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the jabber…

Risk 32
Severity
5.5
First published (updated )
CVE-2017-18226

jabberd2 jabberd2The Gentoo net-im/jabberd2 package through 2.6.1 installs jabberd, jabberd2-c2s, jabberd2-router, ja…

Risk 69
Severity
7.8
First published (updated )
CVE-2017-18225

MariaDB MariaDBThe installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev-db/m…

Risk 69
Severity
7.8
First published (updated )
CVE-2017-15945

Elasticsearch LogstashThe init script in the Gentoo app-admin/logstash-bin package before 5.5.3 and 5.6.x before 5.6.1 has…

Risk 69
Severity
7.8
First published (updated )
CVE-2017-14730
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Gentoo Sci-mathematics-gimpsThe Gentoo sci-mathematics/gimps package before 28.10-r1 for Great Internet Mersenne Prime Search (G…

Risk 64
Severity
7.3
First published (updated )
CVE-2017-14484

Gentoo Dev-python-flowerRace Condition

Risk 32
Severity
5.5
First published (updated )
CVE-2017-14483

Gentoo portageEbuild in Gentoo may change directory and file permissions depending on the order of installed packa…

Risk 52
Severity
7.1
First published (updated )
CVE-2004-2778

debian/xdg-utilsCommand Injection

Risk 47
Severity
6.8
First published (updated )
CVE-2014-9622

Gentoo portageThe urlopen function in pym/portage/util/_urlopen.py in Gentoo Portage 2.1.12, when using HTTPS, doe…

Risk 82
Severity
9.3
First published (updated )
CVE-2013-2100
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

transmissionbt TransmissionInteger Overflow

Risk 48
Severity
6.8
First published (updated )
CVE-2014-4909

Gentoo NullmailerThe Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/rem…

Risk 26
Severity
5
First published (updated )
CVE-2013-4223

MediaWiki MediaWikiXSS

Risk 22
Severity
4.3
First published (updated )
CVE-2013-2031

MediaWikiMediaWiki before 1.19.6 and 1.20.x before 1.20.5 does not allow extensions to prevent password chang…

Risk 26
Severity
5
First published (updated )
CVE-2013-2032

aircrack-ng Aircrack-ngBuffer Overflow

Risk 47
Severity
6.8
First published (updated )
CVE-2010-1159
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203