Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian shadow - vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2001-0195
sash prior to 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking.
Debian Debian Linux 2.2
7.2
CVSSv2
CVE-2018-19966
An issue exists in Xen up to and including 4.11.x allowing x86 PV guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because of an interpretation conflict for a union data structure associated with shadow paging. NOTE: this issue exist...
Xen Xen
Debian Debian Linux 9.0
NA
CVE-2022-42332
x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Shadow mode maintains a pool of memory used for both shadow page tab...
Xen Xen
Debian Debian Linux 11.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
7.5
CVSSv2
CVE-2015-1256
Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome prior to 43.0.2357.65, allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted document that leverages improper handling of a shado...
Debian Debian Linux 8.0
Google Chrome
2.1
CVSSv2
CVE-2017-17087
fileio.c in Vim before 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local users to obtain sensitive information by leveraging an applicable group membership...
Vim Vim
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
4.9
CVSSv2
CVE-2019-17348
An issue exists in Xen up to and including 4.11.x allowing x86 PV guest OS users to cause a denial of service because of an incompatibility between Process Context Identifiers (PCID) and shadow-pagetable switching.
Xen Xen
Debian Debian Linux 9.0
Debian Debian Linux 10.0
NA
CVE-2022-33745
insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable cha...
Xen Xen
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
2.1
CVSSv2
CVE-2020-36311
An issue exists in the Linux kernel prior to 5.9. arch/x86/kvm/svm/sev.c allows malicious users to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be74942f184.
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
6.8
CVSSv2
CVE-2018-20346
SQLite prior to 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote malicious users to execute arbitrary code by leveraging the ability ...
Sqlite Sqlite
Google Chrome
Redhat Linux 6.0
Debian Debian Linux 8.0
Opensuse Leap 42.3
Opensuse Leap 15.0
1 Github repository
5
CVSSv2
CVE-2019-20218
selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.
Sqlite Sqlite 3.30.1
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Oracle Mysql Workbench
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »