Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
shadow vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-5390
The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 up to and including 7.7.6, 7.8.0 prior to 7.8.5, and 7.9.0 does no properly check privileges, which allows remote malicious users to gain privileges via a crafted standard universe job.
Condor Project Condor 7.9.0
Condor Project Condor 7.8.4
Condor Project Condor 7.8.3
Condor Project Condor 7.8.1
Condor Project Condor 7.8.0
Condor Project Condor 7.8.2
Condor Project Condor 7.7.3
Condor Project Condor 7.7.6
Condor Project Condor 7.7.5
Condor Project Condor 7.7.4
7.5
CVSSv3
CVE-2021-46381
Local File Inclusion due to path traversal in D-Link DAP-1620 leads to unauthorized internal files reading [/etc/passwd] and [/etc/shadow].
Dlink Dap-1620 Firmware -
NA
CVE-2014-2534
/sbin/pppoectl in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to obtain sensitive information by reading "bad parameter" lines in error messages, as demonstrated by reading the root password hash in /etc/shadow.
Blackberry Qnx Neutrino Rtos 6.5.0
Blackberry Qnx Neutrino Rtos 6.4.1
1 EDB exploit
NA
CVE-2006-6683
Pedro Lineu Orso chetcpasswd 2.4.1 and previous versions verifies and updates user accounts via custom code that processes /etc/shadow and does not follow the PAM configuration, which might allow remote malicious users to bypass intended restrictions implemented through PAM.
Pedro Lineu Orso Chetcpasswd 2.2.1
Pedro Lineu Orso Chetcpasswd 2.3.1
Pedro Lineu Orso Chetcpasswd 2.3.3
Pedro Lineu Orso Chetcpasswd
Pedro Lineu Orso Chetcpasswd 2.1
Pedro Lineu Orso Chetcpasswd 1.12
NA
CVE-2014-5457
QNAP TS-469U with firmware 4.0.7 Build 20140410, TS-459U, TS-EC1679U-RP, and SS-839 use world-readable permissions for /etc/config/shadow, which allows local users to obtain usernames and hashed passwords by reading the password.
Qnap Ts-469u Firmware 4.0.7
Qnap Ts-469u -
Qnap Ts-ec1679u-rp Firmware 4.0.7
Qnap Ts-ec1679u-rp -
Qnap Ts-459u Firmware 4.0.7
Qnap Ts-459u -
Qnap Ss-839 Firmware 4.0.7
Qnap Ss-839 -
4.3
CVSSv3
CVE-2019-10319
A missing permission check in Jenkins PAM Authentication Plugin 1.5 and previous versions, except 1.4.1 in PamSecurityRealm.DescriptorImpl#doTest allowed users with Overall/Read permission to obtain limited information about the file /etc/shadow and the user Jenkins is running as...
Jenkins Pluggable Authentication Module 1.2
Jenkins Pluggable Authentication Module 1.1
Jenkins Pluggable Authentication Module 1.0
Jenkins Pluggable Authentication Module 1.4
Jenkins Pluggable Authentication Module 1.5
Jenkins Pluggable Authentication Module 1.3
7.5
CVSSv3
CVE-2020-12447
A Local File Inclusion (LFI) issue on Onkyo TX-NR585 1000-0000-000-0008-0000 devices allows remote unauthenticated users on the network to read sensitive files via %2e%2e%2f directory traversal, as demonstrated by reading /etc/shadow.
Onkyo Tx-nr585 Firmware 1000-0000-000-0008-0000
8.8
CVSSv3
CVE-2018-19966
An issue exists in Xen up to and including 4.11.x allowing x86 PV guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because of an interpretation conflict for a union data structure associated with shadow paging. NOTE: this issue exist...
Xen Xen
Debian Debian Linux 9.0
NA
CVE-2010-4303
Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, uses world-readable permissions for the /etc/shadow file, which allows local users to discover encrypted passwords by reading this file, aka Bug ID CSCti54043.
Cisco Unified Videoconferencing System 5110 Firmware 7.0.1.13.3
Cisco Unified Videoconferencing System 5115 Firmware 7.0.1.13.3
Cisco Unified Videoconferencing System 5110
Cisco Unified Videoconferencing System 5115
5.5
CVSSv3
CVE-2022-25641
Foxit PDF Reader prior to 11.2.2 and PDF Editor prior to 11.2.2, and PhantomPDF prior to 10.1.8, mishandle cross-reference information during compressed-object parsing within signed documents. This leads to delivery of incorrect signature information via an Incremental Saving Att...
Foxit Pdf Editor
Foxit Pdf Reader
Foxit Phantompdf
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »