Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
secure access control system vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2021-3564
A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3....
Linux Linux Kernel
Fedoraproject Fedora 34
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2021-29650
An issue exists in the Linux kernel prior to 5.11.11. The netfilter subsystem allows malicious users to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a...
Linux Linux Kernel
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
1 Github repository
5.5
CVSSv3
CVE-2020-8694
Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Intel Core I7-8510y Firmware -
Intel Core I7-8500y Firmware -
Intel Core I5-8310y Firmware -
Intel Core I5-8210y Firmware -
Intel Core I5-8200y Firmware -
Intel Core M3-8100y Firmware -
Intel Core I7-7500u Firmware -
Intel Core I7-7510u Firmware -
Intel Core I7-7600u Firmware -
Intel Core I5-7200u Firmware -
Intel Core I5-7210u Firmware -
Intel Core I5-7300u Firmware -
Intel Core I5-7500u Firmware -
Intel Core I3-7007u Firmware -
Intel Core I3-7100u Firmware -
Intel Core I3-7110u Firmware -
Intel Core I3-7130u Firmware -
Intel Pentium 4415u Firmware -
Intel Celeron 3865u Firmware -
Intel Celeron 3965u Firmware -
Intel Core I7-7560u Firmware -
Intel Core I7-7567u Firmware -
1 Github repository
1 Article
5.4
CVSSv3
CVE-2020-26147
An issue exists in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragment...
Linux Linux Kernel
Debian Debian Linux 9.0
Arista C-75 Firmware -
Arista O-90 Firmware -
Arista C-65 Firmware -
Arista W-68 Firmware -
Siemens Scalance W700 Ieee 802.11n Firmware
Siemens Scalance W1700 Ieee 802.11ac Firmware
5.4
CVSSv3
CVE-2017-6769
A vulnerability in the web-based management interface of the Cisco Secure Access Control System (ACS) could allow an authenticated, remote malicious user to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected system. More Informa...
Cisco Secure Access Control System 5.8\\(0.8\\)
Cisco Secure Access Control System 5.8\\(1.5\\)
5.3
CVSSv3
CVE-2023-20246
Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote malicious user to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access cont...
Snort Snort
Cisco Ios Xe
Cisco Firepower Threat Defense
5.3
CVSSv3
CVE-2023-0465
Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skippe...
Openssl Openssl
5.3
CVSSv3
CVE-2023-0466
The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to p...
Openssl Openssl
5.3
CVSSv3
CVE-2022-46392
An issue exists in Mbed TLS prior to 2.28.2 and 3.x prior to 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim perform...
Arm Mbed Tls
Fedoraproject Fedora 36
Fedoraproject Fedora 37
5.3
CVSSv3
CVE-2022-2097
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of...
Openssl Openssl
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Active Iq Unified Manager -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Siemens Sinec Ins 1.0
Siemens Sinec Ins
Debian Debian Linux 10.0
Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »