Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian shadow vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2001-0195
sash prior to 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking.
Debian Debian Linux 2.2
641
VMScore
CVE-2018-19966
An issue exists in Xen up to and including 4.11.x allowing x86 PV guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because of an interpretation conflict for a union data structure associated with shadow paging. NOTE: this issue exist...
Xen Xen
Debian Debian Linux 9.0
NA
CVE-2022-42332
x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Shadow mode maintains a pool of memory used for both shadow page tab...
Xen Xen
Debian Debian Linux 11.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
668
VMScore
CVE-2015-1256
Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome prior to 43.0.2357.65, allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted document that leverages improper handling of a shado...
Debian Debian Linux 8.0
Google Chrome
187
VMScore
CVE-2017-17087
fileio.c in Vim before 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local users to obtain sensitive information by leveraging an applicable group membership...
Vim Vim
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
436
VMScore
CVE-2019-17348
An issue exists in Xen up to and including 4.11.x allowing x86 PV guest OS users to cause a denial of service because of an incompatibility between Process Context Identifiers (PCID) and shadow-pagetable switching.
Xen Xen
Debian Debian Linux 9.0
Debian Debian Linux 10.0
NA
CVE-2022-33745
insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable cha...
Xen Xen
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2023-4863
Heap buffer overflow in libwebp in Google Chrome before 116.0.5845.187 and libwebp 1.3.2 allowed a remote malicious user to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
Google Chrome
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr
Microsoft Edge
Webmproject Libwebp
22 Github repositories
5 Articles
187
VMScore
CVE-2020-36311
An issue exists in the Linux kernel prior to 5.9. arch/x86/kvm/svm/sev.c allows malicious users to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be74942f184.
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
605
VMScore
CVE-2018-20346
SQLite prior to 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote malicious users to execute arbitrary code by leveraging the ability ...
Sqlite Sqlite
Google Chrome
Redhat Linux 6.0
Debian Debian Linux 8.0
Opensuse Leap 42.3
Opensuse Leap 15.0
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »