Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
compound vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-47450
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix host stage-2 PGD refcount The KVM page-table library refcounts the pages of concatenated stage-2 PGDs individually. However, when running KVM in protected mode, the host's stage-2 PGD is curr...
NA
CVE-2023-52739
In the Linux kernel, the following vulnerability has been resolved: Fix page corruption caused by racy check in __free_pages When we upgraded our kernel, we started seeing some page corruption like the following consistently: BUG: Bad page state in process ganesha.nfsd pfn:1304ca...
NA
CVE-2024-26640
In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity checks to rx zerocopy TCP rx zerocopy intent is to map pages initially allocated from NIC drivers, not pages owned by a fs. This patch adds to can_map_frag() these additional checks: - Page must n...
NA
CVE-2023-52442
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate session id and tree id in compound request `smb2_get_msg()` in smb2_get_ksmbd_tcon() and smb2_check_user_session() will always return the first request smb2 header in a compound request. if `SMB2_...
NA
CVE-2022-47943
An issue exists in ksmbd in the Linux kernel 5.15 up to and including 5.19 prior to 5.19.2. There is an out-of-bounds read and OOPS for SMB2_WRITE, when there is a large length in the zero DataOffset case.
Linux Linux Kernel
NA
CVE-2022-47939
An issue exists in ksmbd in the Linux kernel 5.15 up to and including 5.19 prior to 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2_TREE_DISCONNECT.
Linux Linux Kernel
4
CVSSv2
CVE-2018-20802
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries with compound indexes affecting QueryPlanner. This issue affects MongoDB Server v3.6 versions before 3.6.9 and MongoDB Server v4.0 versions before 4.0.3.
Mongodb Mongodb
5
CVSSv2
CVE-2019-20809
The price oracle in PriceOracle.sol in Compound Finance Compound Price Oracle 1.0 up to and including 2.0 allows a price poster to set an invalid asset price via the setPrice function, and consequently violate the intended limits on price swings.
Compound Price Oracle
7.5
CVSSv2
CVE-2020-11656
In SQLite up to and including 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.
Sqlite Sqlite
Netapp Ontap Select Deploy Administration Utility -
Oracle Communications Network Charging And Control 6.0.1
Oracle Communications Network Charging And Control
Oracle Communications Network Charging And Control 12.0.2
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Hyperion Infrastructure Technology 11.1.2.4
Oracle Mysql
Oracle Mysql Workbench
Oracle Outside In Technology 8.5.4
Oracle Outside In Technology 8.5.5
Oracle Zfs Storage Appliance Kit 8.8
Oracle Communications Messaging Server 8.1
Siemens Sinec Infrastructure Network Services
Tenable Tenable.sc
4.3
CVSSv2
CVE-2018-5201
Hancom Office 2018 10.0.0.8214 and previous versions, Hancom Office NEO 9.6.1.10472 and previous versions, Hancom Office 2014 9.1.1.4540 and previous versions, Hancom Office 2010 8.5.8.1724 and previous versions versions have a heap overflow vulnerability when handling Compound F...
Hancom Hancom Office 2018
Hancom Hancom Office 2014
Hancom Hancom Office 2010
Hancom Hancom Office Neo
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »