Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
patch vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-10713
An issue exists in GNU patch prior to 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file.
Gnu Patch
4.3
CVSSv2
CVE-2019-20633
GNU patch up to and including 2.7.6 contains a free(p_line[p_end]) Double Free vulnerability in the function another_hunk in pch.c that can cause a denial of service via a crafted patch file. NOTE: this issue exists because of an incomplete fix for CVE-2018-6952.
Gnu Patch
1 Github repository
4.3
CVSSv2
CVE-2021-45261
An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.
Gnu Patch 2.7
6.5
CVSSv2
CVE-2021-35217
Insecure Deseralization of untrusted data remote code execution vulnerability exists in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data.
Solarwinds Patch Manager
9
CVSSv2
CVE-2021-35216
Insecure Deserialization of untrusted data remote code execution vulnerability exists in Patch Manager Orion Platform Integration module. An Authenticated Attacker with network access via HTTP can compromise this vulnerability can result in Remote Code Execution.
Solarwinds Patch Manager
NA
CVE-2021-4279
A vulnerability has been found in Starcounter-Jack JSON-Patch up to 3.1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). The att...
Starcounter-jack Json-patch
7.2
CVSSv2
CVE-2021-27240
This vulnerability allows local malicious users to escalate privileges on affected installations of SolarWinds Patch Manager 2020.2.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specifi...
Solarwinds Patch Manager 2020.2.1
7.2
CVSSv2
CVE-2007-0253
Unspecified vulnerability in the grsecurity patch has unspecified impact and remote attack vectors, a different vulnerability than the expand_stack vulnerability from the Digital Armaments 20070110 pre-advisory. NOTE: the grsecurity developer has disputed this issue, stating that...
Grsecurity Grsecurity Kernel Patch
NA
CVE-2022-42451
Certain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely and could be exposed to a local privileged user.
Hcltech Bigfix Patch Management
6.9
CVSSv2
CVE-2008-4966
linux-patch-openswan 2.4.12 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/snap##### and (b) /tmp/nightly##### temporary files, related to the (1) maysnap and (2) maytest scripts.
Openswan Linux-patch-openswan 2.4.12
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »