Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
centos vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-28085
wall in util-linux up to and including 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are n...
1 Github repository
1 Article
NA
CVE-2022-44877
login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 prior to 0.9.8.1147 allows remote malicious users to execute arbitrary OS commands via shell metacharacters in the login parameter.
Control-webpanel Webpanel
5 Github repositories
NA
CVE-2021-45466
In CWP (aka Control Web Panel or CentOS Web Panel) prior to 0.9.8.1107, attackers can make a crafted request to api/?api=add_server&DHCP= to add an authorized_keys text file in the /resources/ folder.
Control-webpanel Webpanel
NA
CVE-2021-45467
In CWP (aka Control Web Panel or CentOS Web Panel) prior to 0.9.8.1107, an unauthenticated attacker can use %00 bytes to cause /user/loader.php to register an arbitrary API key, as demonstrated by a /user/loader.php?api=1&scripts= .%00./.%00./api/account_new_create&acc=gu...
Control-webpanel Webpanel
NA
CVE-2022-41352
An issue exists in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavis via a cpio loophole (extraction to /opt/zimbra/jetty/webapps/zimbra/public) that can lead to incorrect access to any other user accounts. Zimbra recommends pax over...
Zimbra Collaboration 9.0.0
Zimbra Collaboration 8.8.15
1 Metasploit module
4 Github repositories
1 Article
NA
CVE-2021-4218
A flaw was found in the Linux kernel’s implementation of reading the SVC RDMA counters. Reading the counter sysctl panics the system. This flaw allows a local attacker with local access to cause a denial of service while the system reboots. The issue is specific to CentOS/R...
Linux Linux Kernel -
3.6
CVSSv2
CVE-2021-20315
A locking protection bypass flaw was found in some versions of gnome-shell as shipped within CentOS Stream 8, when the "Application menu" or "Window list" GNOME extensions are enabled. This flaw allows a physical attacker who has access to a locked system to k...
Gnome Gnome-shell
Centos Stream 8
7.2
CVSSv2
CVE-2021-4034
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle ...
Polkit Project Polkit
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2
277 Github repositories
1 Article
6
CVSSv2
CVE-2021-43816
containerd is an open source container runtime. On installations using SELinux, such as EL8 (CentOS, RHEL), Fedora, or SUSE MicroOS, with containerd since v1.5.0-beta.0 as the backing container runtime interface (CRI), an unprivileged pod scheduled to the node may bind mount, via...
Linuxfoundation Containerd 1.5.0
Linuxfoundation Containerd
Fedoraproject Fedora 34
Fedoraproject Fedora 35
7.5
CVSSv2
CVE-2021-34423
A buffer overflow vulnerability exists in Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and iOS) before version 5.8.1, Zoom Client for Meetings for intune (for Android and iOS) bef...
Zoom Meetings
Zoom Meetings For Blackberry
Zoom Meetings For Intune
Zoom Meetings For Chrome Os
Zoom Rooms For Conference Rooms
Zoom Controllers For Zoom Rooms
Zoom Virtual Desktop Infrastructure
Zoom Windows Meeting Sdk
Zoom Macos Meeting Sdk
Zoom Iphone Os Meeting Sdk
Zoom Android Meeting Sdk
Zoom Windows Video Sdk
Zoom Iphone Os Video Sdk
Zoom Macos Video Sdk
Zoom Android Video Sdk
Zoom Hybrid Mmr
Zoom Hybrid Zproxy
Zoom Zoom On-premise Meeting Connector Controller
Zoom Zoom On-premise Virtual Room Connector
Zoom Zoom On-premise Recording Connector
Zoom Zoom On-premise Virtual Room Connector Load Balancer
Zoom Zoom On-premise Meeting Connector Mmr
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »