Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
filip palian vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-2495
fs/proc/base.c in the Linux kernel prior to 2.6.39.4 does not properly restrict access to /proc/#####/io files, which allows local users to obtain sensitive I/O statistics by polling a file, as demonstrated by discovering the length of another user's password.
Linux Linux Kernel 2.6.39
Linux Linux Kernel 2.6.39.1
Linux Linux Kernel
Linux Linux Kernel 2.6.39.2
NA
CVE-2011-2497
Integer underflow in the l2cap_config_req function in net/bluetooth/l2cap_core.c in the Linux kernel prior to 3.0 allows remote malicious users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a small command-size value within th...
Linux Linux Kernel
NA
CVE-2011-2928
The befs_follow_link function in fs/befs/linuxvfs.c in the Linux kernel prior to 3.1-rc3 does not validate the length attribute of long symlinks, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) by accessing a long symlink on a malfor...
Linux Linux Kernel 3.1
Linux Linux Kernel
NA
CVE-2011-2202
The rfc1867_post_handler function in main/rfc1867.c in PHP prior to 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote malicious users to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, v...
Php Php 5.3.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.4
Php Php 3.0.3
Php Php 3.0.8
Php Php 3.0.5
Php Php
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.2.0
Php Php 4.3.1
1 EDB exploit
NA
CVE-2011-1020
The proc filesystem implementation in the Linux kernel 2.6.37 and previous versions does not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, which allows local users to obtain sensitive information or cause a denia...
Linux Linux Kernel
1 EDB exploit
NA
CVE-2011-2484
The add_del_listener function in kernel/taskstats.c in the Linux kernel 2.6.39.1 and previous versions does not prevent multiple registrations of exit handlers, which allows local users to cause a denial of service (memory and CPU consumption), and bypass the OOM Killer, via a cr...
Linux Linux Kernel
NA
CVE-2011-2492
The bluetooth subsystem in the Linux kernel prior to 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockop...
Linux Linux Kernel 3.0
Linux Linux Kernel
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Eus 5.6
Redhat Enterprise Linux Aus 5.6
NA
CVE-2011-1938
Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 up to and including 5.3.6 might allow context-dependent malicious users to execute arbitrary code via a long pathname for a UNIX socket.
Php Php 5.3.4
Php Php 5.3.5
Php Php 5.3.3
Php Php 5.3.6
2 EDB exploits
NA
CVE-2011-1576
The Generic Receive Offload (GRO) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5 and 2.6.32 on Red Hat Enterprise Linux 6, as used in Red Hat Enterprise Virtualization (RHEV) Hypervisor and other products, allows remote malicious users to cause a denial o...
Linux Linux Kernel 2.6.18
Redhat Enterprise Linux 5
Redhat Enterprise Linux 6.0
Redhat Enterprise Virtualization Hypervisor
NA
CVE-2011-2517
Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel prior to 2.6.39.2 allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability during scan operations with a long SSID value.
Linux Linux Kernel
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux Desktop 5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »