Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bcoles vulnerabilities and exploits
(subscribe to this query)
7
CVSSv3
CVE-2017-5899
Directory traversal vulnerability in the setuid root helper binary in S-nail (later S-mailx) prior to 14.8.16 allows local users to write to arbitrary files and consequently gain root privileges via a .. (dot dot) in the randstr argument.
S-nail Project S-nail
1 EDB exploit
7
CVSSv3
CVE-2018-18955
In the Linux kernel 4.15.x up to and including 4.19.x prior to 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAP_SYS_ADMIN in an affected user namespace ca...
Linux Linux Kernel
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 18.04
5 EDB exploits
6 Github repositories
7.8
CVSSv3
CVE-2017-4915
VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to escalate their privileges to root in a Linux host machine.
Vmware Workstation Player 12.0.0
Vmware Workstation Pro 12.0.0
2 EDB exploits
8.8
CVSSv3
CVE-2019-12181
A privilege escalation vulnerability exists in SolarWinds Serv-U prior to 15.1.7 for Linux.
Solarwinds Serv-u Mft Server
Solarwinds Serv-u Ftp Server
3 EDB exploits
2 Github repositories
7.8
CVSSv3
CVE-2019-13272
In the Linux kernel prior to 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process rela...
Linux Linux Kernel
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux For Real Time 8
Netapp Aff A700s Firmware -
Netapp H410c Firmware -
Netapp H610s Firmware -
Netapp Steelstore Cloud Integrated Storage -
Netapp Service Processor -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp E-series Performance Analyzer -
Netapp Hci Compute Node -
Netapp E-series Santricity Os Controller
3 EDB exploits
17 Github repositories
7.5
CVSSv3
CVE-2016-2055
xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x prior to 4.3.25 allow remote malicious users to read arbitrary files in the configuration directory via a "config" command.
Xymon Xymon 4.3.9
Xymon Xymon 4.3.8
Xymon Xymon 4.3.23
Xymon Xymon 4.3.22
Xymon Xymon 4.3.17
Xymon Xymon 4.3.16
Xymon Xymon 4.3.0
Xymon Xymon 4.2.2
Xymon Xymon 4.2.0
Xymon Xymon 4.1.1
Xymon Xymon 4.1.0
Xymon Xymon 4.3.5
Xymon Xymon 4.3.4
Xymon Xymon 4.3.2
Xymon Xymon 4.3.19
Xymon Xymon 4.3.13
Xymon Xymon 4.3.12
Xymon Xymon 4.2.3
Xymon Xymon 4.2
Xymon Xymon 4.1.2
Xymon Xymon 4.3.3
Xymon Xymon 4.3.24
1 Metasploit module
9.8
CVSSv3
CVE-2018-15708
Snoopy 1.0 in Nagios XI 5.5.6 allows remote unauthenticated malicious users to execute arbitrary commands via a crafted HTTP request.
Nagios Nagios Xi 5.5.6
2 EDB exploits
2 Metasploit modules
1 Github repository
7.8
CVSSv3
CVE-2018-15710
Nagios XI 5.5.6 allows local authenticated malicious users to escalate privileges to root via Autodiscover_new.php.
Nagios Nagios Xi 5.5.6
2 EDB exploits
2 Metasploit modules
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started