Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
network block device project network block device vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-3094
Malicious code exists in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific fun...
Tukaani Xz 5.6.1
Tukaani Xz 5.6.0
80 Github repositories
6 Articles
668
VMScore
CVE-2022-26496
In nbd-server in nbd prior to 3.24, there is a stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a crafted NBD_OPT_INFO or NBD_OPT_GO message with an large value as the length of the name.
Network Block Device Project Network Block Device
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
668
VMScore
CVE-2022-26495
In nbd-server in nbd prior to 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name, resulting in a write to a dangling pointer. This issue exists ...
Network Block Device Project Network Block Device
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
632
VMScore
CVE-2021-40116
Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactiv...
Cisco Firepower Threat Defense
Cisco Firepower Management Center 3.1.0.1
Snort Snort
356
VMScore
CVE-2015-5745
Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU prior to 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message.
Qemu Qemu
Fedoraproject Fedora 21
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Arista Eos 4.12
Arista Eos 4.13
Arista Eos 4.14
Arista Eos 4.15
819
VMScore
CVE-2019-14287
In Sudo prior to 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER=...
Sudo Project Sudo
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Netapp Element Software Management Node -
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 6.6
60 Github repositories
1 Article
210
VMScore
CVE-2017-5715
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Intel Atom C C2308
Intel Atom C C2316
Intel Atom C C2338
Intel Atom C C2350
Intel Atom C C2358
Intel Atom C C2508
Intel Atom C C2516
Intel Atom C C2518
Intel Atom C C2530
Intel Atom C C2538
Intel Atom C C2550
Intel Atom C C2558
Intel Atom C C2718
Intel Atom C C2730
Intel Atom C C2738
Intel Atom C C2750
Intel Atom C C2758
Intel Atom C C3308
Intel Atom C C3338
Intel Atom C C3508
Intel Atom C C3538
Intel Atom C C3558
1 EDB exploit
49 Github repositories
9 Articles
488
VMScore
CVE-2017-5753
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Intel Atom C C2308
Intel Atom C C2316
Intel Atom C C2338
Intel Atom C C2350
Intel Atom C C2358
Intel Atom C C2508
Intel Atom C C2516
Intel Atom C C2518
Intel Atom C C2530
Intel Atom C C2538
Intel Atom C C2550
Intel Atom C C2558
Intel Atom C C2718
Intel Atom C C2730
Intel Atom C C2738
Intel Atom C C2750
Intel Atom C C2758
Intel Atom C C3308
Intel Atom C C3338
Intel Atom C C3508
Intel Atom C C3538
Intel Atom C C3558
1 EDB exploit
42 Github repositories
9 Articles
430
VMScore
CVE-2017-5754
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
Intel Pentium N N3700
Intel Pentium N N3710
Intel Celeron N N3000
Intel Celeron N N3010
Intel Celeron N N3050
Intel Celeron N N2930
Intel Celeron N N2920
Intel Celeron N N2808
Intel Celeron N N2807
Intel Celeron J J3060
Intel Celeron J J1900
Intel Atom X3 C3295rk
Intel Atom X3 C3235rk
Intel Atom Z Z3775d
Intel Atom Z Z3775
Intel Atom Z Z3736f
Intel Atom Z Z3735g
Intel Atom Z Z3560
Intel Atom Z Z3530
Intel Atom Z Z2480
Intel Atom Z Z2460
Intel Atom C C3308
41 Github repositories
8 Articles
696
VMScore
CVE-2017-1000367
Todd Miller's sudo version 1.8.20 and previous versions is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
Sudo Project Sudo
1 EDB exploit
4 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »