Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
roman fiedler vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-1331
lxclock.c in LXC 1.1.2 and previous versions allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*.
Linuxcontainers Lxc
NA
CVE-2015-1334
attach.c in LXC 1.1.2 and previous versions uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted (1) AppArmor profile or (2) SELinux label.
Linuxcontainers Lxc
NA
CVE-2015-1335
lxc-start in lxc prior to 1.0.8 and 1.1.x prior to 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.
Linuxcontainers Lxc
Linuxcontainers Lxc 1.1.1
Linuxcontainers Lxc 1.1.3
Linuxcontainers Lxc 1.1.2
Linuxcontainers Lxc 1.1.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
9.1
CVSSv3
CVE-2016-8649
lxc-attach in LXC prior to 1.0.9 and 2.x prior to 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat() family of syscalls.
Linuxcontainers Lxc
7
CVSSv3
CVE-2021-26910
Firejail prior to 0.9.64.4 allows malicious users to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation.
Firejail Project Firejail
Debian Debian Linux 9.0
Debian Debian Linux 10.0
3 Github repositories
9.8
CVSSv3
CVE-2021-31535
LookupCol.c in X.Org X through X11R7.7 and libX11 prior to 1.7.1 might allow remote malicious users to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer ...
X.org X Window System
X.org Libx11
Fedoraproject Fedora 33
6 Github repositories
7.8
CVSSv3
CVE-2022-30788
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G up to and including 2021.8.22.
Tuxera Ntfs-3g
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.8
CVSSv3
CVE-2022-30789
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G up to and including 2021.8.22.
Tuxera Ntfs-3g
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
6.7
CVSSv3
CVE-2022-30783
An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G up to and including 2021.8.22 when using libfuse-lite.
Tuxera Ntfs-3g
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.8
CVSSv3
CVE-2022-30784
A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G up to and including 2021.8.22.
Tuxera Ntfs-3g
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »