Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
man vulnerabilities and exploits
(subscribe to this query)
465
VMScore
CVE-2003-0124
man prior to 1.5l allows malicious users to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value "unsafe," which is then executed as a program via a system call if it is in the sear...
Andries Brouwer Man 1.5h1
Andries Brouwer Man 1.5i
Andries Brouwer Man 1.5i2
Andries Brouwer Man 1.5j
Andries Brouwer Man 1.5k
1 EDB exploit
465
VMScore
CVE-2003-0620
Multiple buffer overflows in man-db 2.4.1 and previous versions, when installed setuid, allow local users to gain privileges via (1) MANDATORY_MANPATH, MANPATH_MAP, and MANDB_MAP arguments to add_to_dirlist in manp.c, (2) a long pathname to ult_src in ult_src.c, (3) a long .so ar...
Andries Brouwer Man 2.4
Andries Brouwer Man 2.4.1
Andries Brouwer Man 2.3.18
Andries Brouwer Man 2.3.19
Andries Brouwer Man 2.3.20
1 EDB exploit
725
VMScore
CVE-2015-1336
The daily mandb cleanup job in Man-db prior to 2.7.6.1-1 as packaged in Ubuntu and Debian allows local users with access to the man account to gain privileges via vectors involving insecure chown use.
Man-db Project Man-db
1 EDB exploit
NA
CVE-2018-25078
man-db prior to 2.8.5 on Gentoo allows local users (with access to the man user account) to gain root privileges because /usr/bin/mandb is executed by root but not owned by root. (Also, the owner can strip the setuid and setgid bits.)
Man-db Project Man-db
445
VMScore
CVE-2018-14429
man-cgi prior to 1.16 allows Local File Inclusion via absolute path traversal, as demonstrated by a cgi-bin/man-cgi?/etc/passwd URI.
Man-cgi Project Man-cgi
383
VMScore
CVE-2018-17046
translate man prior to 2018-08-21 has XSS via containers/outputBox/outputBox.vue and store/index.js.
Translate Man Project Translate Man
NA
CVE-2022-46021
X-Man 1.0 has a SQL injection vulnerability, which can cause data leakage.
X-man Project X-man 1.0
465
VMScore
CVE-2003-0645
man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE directives from the ~/.manpath file, even when running setuid, which could allow local users to gain privileges.
Andries Brouwer Man 2.3.20
Andries Brouwer Man 2.4.1
1 EDB exploit
NA
CVE-2023-46134
D-Tale is the combination of a Flask back-end and a React front-end to view & analyze Pandas data structures. Prior to version 3.7.0, users hosting D-Tale publicly can be vulnerable to remote code execution, allowing malicious users to run malicious code on the server. This i...
Man D-tale
NA
CVE-2024-21642
D-Tale is a visualizer for Pandas data structures. Users hosting versions D-Tale before 3.9.0 publicly can be vulnerable to server-side request forgery (SSRF), allowing malicious users to access files on the server. Users should upgrade to version 3.9.0, where the `Load From the ...
Man D-tale
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »