Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
shadow vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-1661
A vulnerability classified as problematic was found in Totolink X6000R 9.4.0cu.852_B20230719. Affected by this vulnerability is an unknown functionality of the file /etc/shadow. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the local hos...
Totolink X6000r Firmware 9.4.0cu.852 B20230719
NA
CVE-2024-24324
TOTOLINK A8000RU v7.1cu.643_B20200521 exists to contain a hardcoded password for root stored in /etc/shadow.
Totolink A8000ru Firmware 7.1cu.643 B20200521
NA
CVE-2024-22894
An issue fixed in AIT-Deutschland Alpha Innotec Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later and Novelan Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later, allows remote malicious users to execute arbitrary code via the password component in the sha...
Alpha-innotec Heat Pumps Firmware
Novelan Heat Pumps Firmware
2 Github repositories
NA
CVE-2023-34322
For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests this ...
Xen Xen
NA
CVE-2023-4641
A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve ...
Shadow-maint Shadow-utils
Redhat Enterprise Linux 8.0
Redhat Codeready Linux Builder 8.0
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux For Arm 64 9.0
Redhat Enterprise Linux For Arm 64 8.0
Redhat Codeready Linux Builder For Ibm Z Systems 9.0 S390x
Redhat Codeready Linux Builder For Arm64 9.0 Aarch64
Redhat Enterprise Linux For Power Little Endian 8.0 Ppc64le
Redhat Enterprise Linux For Ibm Z Systems 8.0 S390x
Redhat Codeready Linux Builder For Power Little Endian 9.0 Ppc64le
Redhat Codeready Linux Builder 9.0
Redhat Enterprise Linux For Power Little Endian 9.0 Ppc64le
Redhat Enterprise Linux For Ibm Z Systems 9.0 S390x
Redhat Codeready Linux Builder For Ibm Z Systems 8.0 S390x
Redhat Codeready Linux Builder For Arm64 8.0 Aarch64
Redhat Codeready Linux Builder For Power Little Endian 8.0 Ppc64le
NA
CVE-2023-5469
The Drop Shadow Boxes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'dropshadowbox' shortcode in versions up to, and including, 1.7.13 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible ...
Stevenhenty Drop Shadow Boxes
NA
CVE-2023-38354
MiniTool Shadow Maker version 4.1 contains an insecure installation process that allows malicious users to achieve remote code execution through a man in the middle attack.
Minitool Shadowmaker 4.1
NA
CVE-2023-23833
Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Steven Henty Drop Shadow Boxes plugin <= 1.7.10 versions.
Drop Shadow Boxes Project Drop Shadow Boxes
NA
CVE-2023-32054
Volume Shadow Copy Elevation of Privilege Vulnerability
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
Microsoft Windows 10 1809
Microsoft Windows 11 21h2
Microsoft Windows 10 21h2
Microsoft Windows 11 22h2
Microsoft Windows 10 22h2
Microsoft Windows 10 1507
Microsoft Windows 10 1607
NA
CVE-2023-21102
In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Pr...
Google Android -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »