Vulnerabilities > Gentoo > High

DATE CVE VULNERABILITY TITLE RISK
2017-09-15 CVE-2017-14484 Improper Privilege Management vulnerability in Gentoo Sci-Mathematics-Gimps 28.10
The Gentoo sci-mathematics/gimps package before 28.10-r1 for Great Internet Mersenne Prime Search (GIMPS) allows local users to gain privileges by creating a hard link under /var/lib/gimps, because an unsafe "chown -R" command is executed.
local
low complexity
gentoo CWE-269
7.3
2017-06-27 CVE-2004-2778 Permissions, Privileges, and Access Controls vulnerability in Gentoo Portage
Ebuild in Gentoo may change directory and file permissions depending on the order of installed packages, which allows local users to read or write to restricted directories or execute restricted commands via navigating to the affected directories, or executing the affected commands.
local
low complexity
gentoo CWE-264
7.1