Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cron project cron vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2020-26238
Cron-utils is a Java library to parse, validate, migrate crons as well as get human readable descriptions for them. In cron-utils before version 9.1.3, a template Injection vulnerability is present. This enables malicious users to inject arbitrary Java EL expressions, leading to ...
Cron-utils Project Cron-utils
9.8
CVSSv3
CVE-2021-41269
cron-utils is a Java library to define, parse, validate, migrate crons as well as get human readable descriptions for them. In affected versions A template Injection was identified in cron-utils enabling malicious users to inject arbitrary Java EL expressions, leading to unauthen...
Cron-utils Project Cron-utils
1 Github repository
5.5
CVSSv3
CVE-2019-9705
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (memory consumption) via a large crontab file because an unlimited number of lines is accepted.
Cron Project Cron
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
1 Github repository
5.5
CVSSv3
CVE-2019-9704
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (daemon crash) via a large crontab file because the calloc return value is not checked.
Cron Project Cron
Fedoraproject Fedora 29
Debian Debian Linux 8.0
Debian Debian Linux 9.0
2 Github repositories
7.5
CVSSv3
CVE-2023-43984
Insecure permissions in Smart Soft advancedexport before v4.4.7 allow unauthenticated malicious users to arbitrarily download user information from the ps_customer table.
Advanced Export Products Orders Cron Csv Excel Project Advanced Export Products Orders Cron Csv Excel
NA
CVE-2012-6110
bcron-exec in bcron prior to 0.10 does not close file descriptors associated with temporary files when running a cron job, which allows local users to modify job files and send spam messages by accessing an open file descriptor.
Bcron Project Bcron Exec 0.07
Bcron Project Bcron Exec 0.06
Bcron Project Bcron Exec 0.05
Bcron Project Bcron Exec 0.04
Bcron Project Bcron Exec
Bcron Project Bcron Exec 0.08
NA
CVE-2007-1474
Argument injection vulnerability in the cleanup cron script in Horde Project Horde and IMP before Horde Application Framework 3.1.4 allows local users to delete arbitrary files and possibly gain privileges via multiple space-delimited pathnames.
Horde Horde Application Framework 3.0.4
Horde Horde Application Framework 3.1.3
Horde Imp 2.2.5
Horde Imp 2.2.6
Horde Imp 3.2.1
Horde Imp 3.2.2
Horde Imp 2.0
Horde Imp 2.2
Horde Imp 2.2.7
Horde Imp 2.2.8
Horde Imp 3.2.3
Horde Imp 3.2.4
Horde Horde Application Framework 3.0.0
Horde Imp 2.2.3
Horde Imp 2.2.4
Horde Imp 3.1.2
Horde Imp 3.2
Horde Imp 2.2.1
Horde Imp 2.2.2
Horde Imp 2.3
Horde Imp 3.0
Horde Imp 3.1
1 EDB exploit
4.7
CVSSv3
CVE-2020-8833
Time-of-check Time-of-use Race Condition vulnerability on crash report ownership change in Apport allows for a possible privilege escalation opportunity. If fs.protected_symlinks is disabled, this can be exploited between the os.open and os.chown calls when the Apport cron script...
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Apport Project Apport -
5.5
CVSSv3
CVE-2020-5202
apt-cacher-ng up to and including 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The /usr/lib/apt-cacher-ng/acngtool program attempts to connect to apt-cacher-ng via TCP on localhost port 3142, even if the explicit SocketPath=/var/run/...
Apt-cacher-ng Project Apt-cacher-ng
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Backports Sle-15
Opensuse Leap 15.1
NA
CVE-2006-1753
A cron job in fcheck prior to 2.7.59 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
Debian Debian Linux 3.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »