Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
patch vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2010-4651
Directory traversal vulnerability in util.c in GNU patch 2.6.1 and previous versions allows user-assisted remote malicious users to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.
Gnu Gnu Patch
Gnu Gnu Patch 2.6
Gnu Gnu Patch 2.5
Gnu Gnu Patch 2.5.9
Gnu Gnu Patch 2.5.4
7.2
CVSSv2
CVE-2007-0257
Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial funct...
Grsecurity Grsecurity Kernel Patch 2.0.1
Grsecurity Grsecurity Kernel Patch 2.1.5
Grsecurity Grsecurity Kernel Patch 2.1.1
Grsecurity Grsecurity Kernel Patch 2.1.7
Grsecurity Grsecurity Kernel Patch 2.1.8
Grsecurity Grsecurity Kernel Patch 2.1.2
Grsecurity Grsecurity Kernel Patch 1.9.4
Grsecurity Grsecurity Kernel Patch 2.1.4
Grsecurity Grsecurity Kernel Patch 2.1.3
Grsecurity Grsecurity Kernel Patch 2.1.0
Grsecurity Grsecurity Kernel Patch 2.0.2
Grsecurity Grsecurity Kernel Patch 2.1.6
1 EDB exploit
7.2
CVSSv2
CVE-2006-0228
The RBAC functionality in grsecurity prior to 2.1.8 does not properly handle when the admin role creates a service and then exits the shell without unauthenticating, which causes the service to be restarted with the admin role still active.
Grsecurity Grsecurity Kernel Patch 2.1.1
Grsecurity Grsecurity Kernel Patch 2.1.2
Grsecurity Grsecurity Kernel Patch 2.0.1
Grsecurity Grsecurity Kernel Patch 2.0.2
Grsecurity Grsecurity Kernel Patch 2.1.0
Grsecurity Grsecurity Kernel Patch 2.1.7
Grsecurity Grsecurity Kernel Patch 2.1.3
Grsecurity Grsecurity Kernel Patch 2.1.4
Grsecurity Grsecurity Kernel Patch 2.1.5
Grsecurity Grsecurity Kernel Patch 2.1.6
7.5
CVSSv2
CVE-2004-1942
The Solaris 9 patches 113579-02 through 113579-05, and 114342-02 through 114342-05, prevent ypserv and ypxfrd from properly restricting access to secure NIS maps, which allows local users to use ypcat or ypmatch to extract the contents of a secure map such as passwd.adjunct.bynam...
Sun Patch Manager 113579-04
Sun Patch Manager 113579-05
Sun Patch Manager 113579-02
Sun Patch Manager 113579-03
Sun Patch Manager 114342-02
Sun Patch Manager 114342-03
Sun Patch Manager 114342-04
Sun Patch Manager 114342-05
4.6
CVSSv2
CVE-2008-1940
The RBAC functionality in grsecurity prior to 2.1.11-2.6.24.5 and 2.1.11-2.4.36.2 does not enforce user_transition_deny and user_transition_allow rules for the (1) sys_setfsuid and (2) sys_setfsgid calls, which allows local users to bypass restrictions for those calls.
Grsecurity Grsecurity Kernel Patch 2.6.24.4
Grsecurity Grsecurity Kernel Patch 2.4.33
Grsecurity Grsecurity Kernel Patch 2.4.33.2
Grsecurity Grsecurity Kernel Patch 2.4.33.3
Grsecurity Grsecurity Kernel Patch 2.4.33.4
Grsecurity Grsecurity Kernel Patch 2.4.34
Grsecurity Grsecurity Kernel Patch 2.6.18
5
CVSSv2
CVE-2020-8268
Prototype pollution vulnerability in json8-merge-patch npm package < 1.0.3 may allow malicious users to inject or modify methods and properties of the global object constructor.
Json8-merge-patch Project Json8-merge-patch
7.5
CVSSv2
CVE-2021-41833
Zoho ManageEngine Patch Connect Plus prior to 90099 is vulnerable to unauthenticated remote code execution.
Zohocorp Manageengine Patch Connect Plus
Zohocorp Manageengine Patch Connect Plus 9.0.0
4.3
CVSSv2
CVE-2019-20633
GNU patch up to and including 2.7.6 contains a free(p_line[p_end]) Double Free vulnerability in the function another_hunk in pch.c that can cause a denial of service via a crafted patch file. NOTE: this issue exists because of an incomplete fix for CVE-2018-6952.
Gnu Patch
1 Github repository
4.3
CVSSv2
CVE-2016-10713
An issue exists in GNU patch prior to 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file.
Gnu Patch
5
CVSSv2
CVE-2018-6952
A double free exists in the another_hunk function in pch.c in GNU patch up to and including 2.7.6.
Gnu Patch
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »