Vulmon
secure linux vulnerabilities and exploits
7.5
CVSSv2
CVE-2019-3463
Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to performing only rsync operations, resulting in the execution of arbitrary shell commands.
Pizzashack Rssh 2.3.4
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
7.5
CVSSv2
CVE-2017-12865
Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and previous versions allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the "name" variable.
Intel Connman
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2015-7871
Crypto-NAK packets in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allow remote malicious users to bypass authentication.
Ntp Ntp 4.2.5
Ntp Ntp
Ntp Ntp 4.2.8
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
7.5
CVSSv2
CVE-2015-6420
Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Se...
Apache Commons Collections
Apache Commons Collections 4.0
5 Github repositories
7.5
CVSSv2
CVE-2014-6407
Docker prior to 1.3.2 allows remote malicious users to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.
Docker Docker
Docker Docker 1.3.0
Docker Docker 1.0.0
1 Article
7.5
CVSSv2
CVE-2014-3512
Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 prior to 1.0.1i allow remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter...
Openssl Openssl 1.0.1
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.0k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1f
Openssl Openssl 1.0.0l
Openssl Openssl 1.0.0a
Openssl Openssl 1.0.0b
7.5
CVSSv2
CVE-2014-0107
The TransformerFactory in Apache Xalan-Java prior to 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote malicious users to bypass expected restrictions and load arbitrary classes or access external resource...
Apache Xalan-java 2.6.0
Apache Xalan-java
Apache Xalan-java 2.0.1
Apache Xalan-java 2.0.0
Apache Xalan-java 2.5.1
Apache Xalan-java 2.5.0
Apache Xalan-java 2.4.1
Apache Xalan-java 2.1.0
Apache Xalan-java 2.7.0
Apache Xalan-java 2.5.2
Apache Xalan-java 2.2.0
Apache Xalan-java 2.4.0
Apache Xalan-java 1.0.0
Oracle Webcenter Sites 11.1.1.8.0
Oracle Webcenter Sites 7.6.2
7.5
CVSSv2
CVE-2012-4406
OpenStack Object Storage (swift) prior to 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote malicious users to execute arbitrary code via a crafted pickle object.
Openstack Swift
Fedoraproject Fedora 16
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server 6.0
Redhat Storage 2.0
Redhat Storage For Public Cloud 2.0
Redhat Gluster Storage Server For On-premise 2.0
Redhat Gluster Storage Management Console 2.0
7.5
CVSSv2
CVE-2012-5068
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and previous versions, and 6 Update 35 and previous versions, allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors related to...
Oracle Jdk
Oracle Jdk 1.7.0
Oracle Jre 1.7.0
Oracle Jre
Sun Jdk 1.6.0
Sun Jre 1.6.0
Sun Jdk 1.6.0.200
Oracle Jre 1.6.0
Oracle Jdk 1.6.0
Sun Jdk 1.6.0.210
7.5
CVSSv2
CVE-2008-5022
The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x prior to 3.0.4, Firefox 2.x prior to 2.0.0.18, Thunderbird 2.x prior to 2.0.0.18, and SeaMonkey 1.x prior to 1.1.13 allows remote malicious users to bypass the same-origin policy and execute arbitrary script via mul...
Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Debian Debian Linux 4.0
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04