Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
andrey konovalov vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-14489
The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel up to and including 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.
Linux Linux Kernel
1 EDB exploit
7.8
CVSSv3
CVE-2017-14497
The tpacket_rcv function in net/packet/af_packet.c in the Linux kernel prior to 4.13 mishandles vnet headers, which might allow local users to cause a denial of service (buffer overflow, and disk and memory corruption) or possibly have unspecified other impact via crafted system ...
Linux Linux Kernel
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2017-1000370
The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE binary is mapped above 0x40000000 nullifying the pro...
Linux Linux Kernel
2 EDB exploits
8.8
CVSSv3
CVE-2017-12134
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block ...
Xen Xen
Citrix Xenserver 7.0
Citrix Xenserver 6.5
Citrix Xenserver 7.1
Citrix Xenserver 6.2.0
Citrix Xenserver 7.2
Citrix Xenserver 6.0.2
5.5
CVSSv3
CVE-2017-14156
The atyfb_ioctl function in drivers/video/fbdev/aty/atyfb_base.c in the Linux kernel up to and including 4.12.10 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading locations associated with pa...
Linux Linux Kernel
4.4
CVSSv3
CVE-2017-5551
The simple_set_acl function in fs/posix_acl.c in the Linux kernel prior to 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on ex...
Linux Linux Kernel
9.8
CVSSv3
CVE-2017-5897
The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote malicious users to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.
Linux Linux Kernel
Canonical Ubuntu Linux 14.04
Debian Debian Linux 8.0
3.3
CVSSv3
CVE-2017-17807
The KEYS subsystem in the Linux kernel prior to 4.14.6 omitted an access-control check when adding a key to the current task's "default request-key keyring" via the request_key() system call, allowing a local user to use a sequence of crafted system calls to add ke...
Linux Linux Kernel
7.8
CVSSv3
CVE-2017-1000371
The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated (the maximum under the 1/4 restriction) then the stack will be grown down to 0x80000000, and as the PIE binary is mapped above ...
Linux Linux Kernel
2 EDB exploits
4.4
CVSSv3
CVE-2017-12153
A security flaw exists in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel up to and including 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the C...
Linux Linux Kernel
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »