Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

zx2c4 vulnerabilities and exploits

(subscribe to this query)
7.5
CVSSv3
CVE-2020-28086
pass up to and including 1.7.3 has a possibility of using a password for an unintended resource. For exploitation to occur, the user must do a git pull, decrypt a password, and log into a remote service with the password. If an attacker controls the central Git server or one of t...
Zx2c4 Password-store
NA
CVE-2012-0056
The mem_write function in the Linux kernel prior to 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc/<pid>/mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper.
Linux Linux Kernel
NA
CVE-2012-3483
Race condition in the runScript function in Tunnelblick 3.3beta20 and previous versions allows local users to gain privileges by replacing a script file.
Google Tunnelblick
NA
CVE-2008-5736
Multiple unspecified vulnerabilities in FreeBSD 6 prior to 6.4-STABLE, 6.3 prior to 6.3-RELEASE-p7, 6.4 prior to 6.4-RELEASE-p1, 7.0 prior to 7.0-RELEASE-p7, 7.1 prior to 7.1-RC2, and 7 prior to 7.1-PRERELEASE allow local users to gain privileges via unknown attack vectors relate...
Freebsd Freebsd 6.0Freebsd Freebsd 6.3Freebsd Freebsd 7.0Freebsd Freebsd 7.1Freebsd Freebsd 6.4
10
CVSSv3
CVE-2015-8556
Local privilege escalation vulnerability in the Gentoo QEMU package prior to 2.5.0-r1.
Qemu Qemu
NA
CVE-2010-4165
The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel prior to 2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small value, leading to a divide-by...
Linux Linux Kernel 2.6.37Linux Linux KernelSuse Linux Enterprise Desktop 11Suse Linux Enterprise Server 11Opensuse Opensuse 11.2Opensuse Opensuse 11.3Suse Linux Enterprise Real Time Extension 11
NA
CVE-2012-3485
Tunnelblick 3.3beta20 and previous versions relies on argv[0] to determine the name of an appropriate (1) kernel module pathname or (2) executable file pathname, which allows local users to gain privileges via an execl system call.
Google Tunnelblick
9.8
CVSSv3
CVE-2012-4284
A Privilege Escalation vulnerability exists in Viscosity 1.4.1 on Mac OS X due to a path name validation issue in the setuid-set ViscosityHelper binary, which could let a remote malicious user execute arbitrary code
Sparklabs Viscosity 1.4.1
NA
CVE-2011-1485
Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID.
Redhat Policykit 0.96
NA
CVE-2010-3856
ld.so in the GNU C Library (aka glibc or libc6) prior to 2.11.3, and 2.12.x prior to 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging ...
Gnu Glibc 2.2.2Gnu Glibc 2.9Gnu Glibc 2.7Gnu Glibc 2.1.2Gnu Glibc 2.11Gnu Glibc 2.0.5Gnu Glibc 2.2.5Gnu Glibc 2.0.6Gnu Glibc 2.10.1Gnu Glibc 1.00Gnu Glibc 1.06Gnu Glibc 2.1.1Gnu Glibc 1.02Gnu Glibc 2.0.3Gnu Glibc 1.07Gnu Glibc 2.3.1Gnu Glibc 2.3Gnu Glibc 2.12.0Gnu Glibc 2.0Gnu Glibc 2.1.1.6Gnu Glibc 1.04Gnu Glibc 1.01
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2024-26978CVE-2024-26982wirelessCVE-2023-6949CVE-2024-26980CVE-2024-32766CVE-2024-26939cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook