Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

microsoft windows subsystem for linux - vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2024-20681
Windows Subsystem for Linux Elevation of Privilege Vulnerability
Microsoft Windows Server 2022 -Microsoft Windows 11 21h2Microsoft Windows 11 22h2Microsoft Windows 10 21h2Microsoft Windows 10 22h2Microsoft Windows 11 23h2Microsoft Windows Server 2022 23h2 -
NA
CVE-2023-38545
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 byte...
Haxx LibcurlFedoraproject Fedora 37Netapp Oncommand Workflow Automation -Netapp Oncommand Insight -Netapp Active Iq Unified Manager -Microsoft Windows 10 22h2Microsoft Windows 11 21h2Microsoft Windows 11 22h2Microsoft Windows 11 23h2Microsoft Windows 10 1809Microsoft Windows Server 2019Microsoft Windows Server 2022Microsoft Windows 10 21h2
NA
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0Nghttp2 Nghttp2Netty NettyEnvoyproxy Envoy 1.27.0Envoyproxy Envoy 1.26.4Envoyproxy Envoy 1.25.9Envoyproxy Envoy 1.24.10Eclipse JettyCaddyserver CaddyGolang Http2Golang GoGolang NetworkingF5 Big-ip AnalyticsF5 Big-ip Policy Enforcement ManagerF5 Big-ip Local Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Global Traffic ManagerF5 Big-ip Fraud Protection ServiceF5 Big-ip Domain Name SystemF5 Big-ip Application Security ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Advanced Firewall Manager
NA
CVE-2023-20569
A side channel vulnerability on some of the AMD CPUs may allow an malicious user to influence the return address prediction. This may result in speculative execution at an attacker-controlled?address, potentially leading to information disclosure.
Fedoraproject Fedora 37Fedoraproject Fedora 38Debian Debian Linux 10.0Debian Debian Linux 11.0Debian Debian Linux 12.0Amd Ryzen 9 5950x FirmwareAmd Ryzen 9 5900x FirmwareAmd Ryzen 9 5900 FirmwareAmd Ryzen 9 Pro 5945 FirmwareAmd Ryzen 7 5800x3d FirmwareAmd Ryzen 7 5800x FirmwareAmd Ryzen 7 5800 FirmwareAmd Ryzen 7 5700x FirmwareAmd Ryzen 7 Pro 5845 FirmwareAmd Ryzen 5 5600x3d FirmwareAmd Ryzen 5 5600x FirmwareAmd Ryzen 5 5600 FirmwareAmd Ryzen 5 Pro 5645 FirmwareAmd Ryzen 7 5700 FirmwareAmd Ryzen 5 5500 FirmwareAmd Ryzen 3 5100 FirmwareAmd Ryzen 7 5700g Firmware
NA
CVE-2023-20588
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.
Debian Debian Linux 10.0Debian Debian Linux 11.0Debian Debian Linux 12.0Amd Epyc 7351p Firmware -Amd Epyc 7401p Firmware -Amd Epyc 7551p Firmware -Amd Epyc 7251 Firmware -Amd Epyc 7261 Firmware -Amd Epyc 7281 Firmware -Amd Epyc 7301 Firmware -Amd Epyc 7351 Firmware -Amd Epyc 7371 Firmware -Amd Epyc 7401 Firmware -Amd Epyc 7451 Firmware -Amd Epyc 7501 Firmware -Amd Epyc 7551 Firmware -Amd Epyc 7571 Firmware -Amd Epyc 7601 Firmware -Amd Ryzen 5 Pro 3400g Firmware -Amd Ryzen 5 3400g Firmware -Amd Ryzen 5 Pro 3400ge Firmware -Amd Ryzen 5 Pro 3350g Firmware -
NA
CVE-2022-44689
Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability
Microsoft Windows Server 2019 -Microsoft Windows 10 1809Microsoft Windows 10 20h2Microsoft Windows 10 21h1Microsoft Windows Server 2022 -Microsoft Windows 11 -Microsoft Windows 10 21h2Microsoft Windows 11 22h2Microsoft Windows 10 22h2Microsoft Windows Subsystem For Linux -
NA
CVE-2022-38014
Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability
Microsoft Azure Iot Edge For Linux -Microsoft Windows Subsystem For Linux -
NA
CVE-2022-35737
SQLite 1.0.12 up to and including 3.39.x prior to 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.
Sqlite SqliteNetapp Ontap Select Deploy Administration Utility -Splunk Universal Forwarder 9.1.0Splunk Universal Forwarder
1.9
CVSSv2
CVE-2022-23960
Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow th...
Xen Xen -Arm Cortex-r7 Firmware -Arm Cortex-r8 Firmware -Arm Cortex-a57 Firmware -Arm Cortex-a65 Firmware -Arm Cortex-a65ae Firmware -Arm Cortex-a710 Firmware -Arm Cortex-a72 Firmware -Arm Cortex-a73 Firmware -Arm Cortex-a75 Firmware -Arm Cortex-a76 Firmware -Arm Cortex-a76ae Firmware -Arm Cortex-a77 Firmware -Arm Cortex-a78 Firmware -Arm Cortex-a78ae Firmware -Arm Cortex-x1 Firmware -Arm Cortex-x2 Firmware -Arm Neoverse-e1 Firmware -Arm Neoverse-v1 Firmware -Arm Neoverse N1 Firmware -Arm Neoverse N2 Firmware -Debian Debian Linux 9.0
10
CVSSv2
CVE-2021-43907
Visual Studio Code WSL Extension Remote Code Execution Vulnerability
Microsoft Windows Subsystem For Linux
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710arbitrary CVE-2024-5272CVE-2024-2961brute forceremoteCVE-2024-32944CVE-2024-36241CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook