apport vulnerabilities and exploits
935
VMScore
CVE-2016-9949
An issue exists in Apport prior to 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote malicious users to execute arbitrary Python code.
Apport Project Apport
Canonical Ubuntu Linux
1 EDB exploit
1 Github repository
1 Article
169
VMScore
CVE-2009-1295
Apport prior to 0.108.4 on Ubuntu 8.04 LTS, prior to 0.119.2 on Ubuntu 8.10, and prior to 1.0-0ubuntu5.2 on Ubuntu 9.04 does not properly remove files from the application's crash-report directory, which allows local users to delete arbitrary files via unspecified vectors.
Ubuntu Ubuntu 9.0.4
Ubuntu Ubuntu 8.1.0
Ubuntu Ubuntu 8.0.4 Lts
Apport Apport
641
VMScore
CVE-2021-25682
The get_pid_info() function in data/apport did not properly parse the /proc/pid/status file from the kernel.
Canonical Apport
409
VMScore
CVE-2021-25684
Apport, in data/apport, did not properly open a report file to prevent hanging reads on a FIFO.
Canonical Apport
641
VMScore
CVE-2021-25683
The get_starttime() function in data/apport did not properly parse the /proc/pid/stat file from the kernel.
Canonical Apport
187
VMScore
CVE-2021-32556
The get_modified_conffiles() function in backends/packaging-apt-dpkg.py allowed injecting modified package names in a manner that would confuse the dpkg(1) call.
Canonical Apport
320
VMScore
CVE-2021-32557
The process_report() function in data/whoopsie-upload-all allowed arbitrary file writes via symlinks.
Canonical Apport
725
VMScore
CVE-2015-1338
kernel_crashdump in Apport prior to 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.
Apport Project Apport
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
1 EDB exploit
NA
CVE-2022-28652
~/.config/apport/settings parsing is vulnerable to "billion laughs" attack
Apport Project Apport
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 21.10
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
NA
CVE-2022-28654
is_closing_session() allows users to fill up apport.log
Apport Project Apport
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 21.10