Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
andrey konovalov vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-17450
net/netfilter/xt_osf.c in the Linux kernel up to and including 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared...
Linux Linux Kernel
7.8
CVSSv3
CVE-2016-4805
Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel prior to 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to...
Novell Suse Linux Enterprise Desktop 12.0
Novell Suse Linux Enterprise Workstation Extension 12.0
Novell Suse Linux Enterprise Module For Public Cloud 12.0
Novell Suse Linux Enterprise Server 11.0
Novell Opensuse Leap 42.1
Novell Suse Linux Enterprise Software Development Kit 11.0
Redhat Enterprise Linux 6.0
Canonical Ubuntu Linux 12.04
Linux Linux Kernel
Novell Suse Linux Enterprise Software Development Kit 12.0
Novell Suse Linux Enterprise Server 12.0
Redhat Enterprise Linux 7.0
Oracle Linux 6
Novell Suse Linux Enterprise Real Time Extension 11.0
Novell Suse Linux Enterprise Real Time Extension 12.0
Novell Suse Linux Enterprise Live Patching 12.0
7.8
CVSSv3
CVE-2017-6345
The LLC subsystem in the Linux kernel prior to 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.
Linux Linux Kernel
1 Github repository
5.5
CVSSv3
CVE-2017-6348
The hashbin_delete function in net/irda/irqueue.c in the Linux kernel prior to 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices.
Linux Linux Kernel
4.6
CVSSv3
CVE-2016-3951
Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel prior to 4.5 allows physically proximate malicious users to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor.
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Novell Suse Linux Enterprise Desktop 12
Novell Suse Linux Enterprise Module For Public Cloud 12
Novell Suse Linux Enterprise Real Time Extension 12
Novell Suse Linux Enterprise Software Development Kit 12.0
Novell Suse Linux Enterprise Workstation Extension 12.0
Novell Suse Linux Enterprise Server 12.0
Novell Suse Linux Enterprise Live Patching 12.0
Suse Suse Linux Enterprise Software Development Kit 12.0
Linux Linux Kernel 4.5.0
7
CVSSv3
CVE-2017-6346
Race condition in net/packet/af_packet.c in the Linux kernel prior to 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt system calls.
Linux Linux Kernel
5.5
CVSSv3
CVE-2017-6353
net/sctp/socket.c in the Linux kernel up to and including 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: th...
Linux Linux Kernel
1 Github repository
5.5
CVSSv3
CVE-2016-4569
The snd_timer_user_params function in sound/core/timer.c in the Linux kernel up to and including 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface.
Linux Linux Kernel
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Novell Suse Linux Enterprise Module For Public Cloud 12.0
Novell Suse Linux Enterprise Server 11.0
Novell Suse Linux Enterprise Server 12.0
Novell Suse Linux Enterprise Live Patching 12.0
Novell Suse Linux Enterprise Desktop 12.0
Novell Suse Linux Enterprise Real Time Extension 12.0
Novell Suse Linux Enterprise Workstation Extension 12.0
Novell Suse Linux Enterprise Debuginfo 11.0
Novell Suse Linux Enterprise Software Development Kit 11.0
Novell Suse Linux Enterprise Software Development Kit 12.0
7.5
CVSSv3
CVE-2016-4580
The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel prior to 4.5.5 does not properly initialize a certain data structure, which allows malicious users to obtain sensitive information from kernel stack memory via an X.25 Call Request.
Linux Linux Kernel
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
7
CVSSv3
CVE-2017-2636
Race condition in drivers/tty/n_hdlc.c in the Linux kernel up to and including 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
Linux Linux Kernel
Debian Debian Linux 8.0
3 Github repositories
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »