Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
networkmanager vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-1000135
GNOME NetworkManager version 1.10.2 and previous versions contains a Information Exposure (CWE-200) vulnerability in DNS resolver that can result in Private DNS queries leaked to local network's DNS servers, while on VPN. This vulnerability appears to have been fixed in Some...
Gnome Networkmanager
Canonical Ubuntu Linux 16.04
8.1
CVSSv3
CVE-2016-3698
libndp prior to 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote malicious users to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertis...
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Hpc Node 7.0
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Hpc Node Eus 7.2
Libndp Libndp
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
NA
CVE-2015-0272
GNOME NetworkManager allows remote malicious users to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.
Gnome Networkmanager
Suse Linux Enterprise Server 11
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Debuginfo 11
Suse Linux Enterprise Real Time Extension 11
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Workstation Extension 12
Suse Linux Enterprise Desktop 12
Canonical Ubuntu Linux 12.04
Oracle Linux 7
NA
CVE-2015-8215
net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel prior to 4.0 does not validate attempted changes to the MTU value, which allows context-dependent malicious users to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value ...
Linux Linux Kernel
NA
CVE-2015-2925
The prepend_path function in fs/dcache.c in the Linux kernel prior to 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack....
Linux Linux Kernel
1 Github repository
NA
CVE-2015-5257
drivers/usb/serial/whiteheat.c in the Linux kernel prior to 4.2.4 allows physically proximate malicious users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted USB device. NOTE: this ID was incorrectly used fo...
Linux Linux Kernel
NA
CVE-2015-7312
Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and 4.x allow local users to cause a denial of service (use-after-free and BUG) or possibly gain privileges via a (1) madvise or (2) msync syste...
Linux Linux Kernel
Canonical Ubuntu Linux 14.04
Debian Debian Linux 8.0
NA
CVE-2015-6937
The __rds_conn_create function in net/rds/connection.c in the Linux kernel up to and including 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound...
Linux Linux Kernel
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 8.0
Debian Debian Linux 7.0
NA
CVE-2015-1322
Directory traversal vulnerability in the Ubuntu network-manager package for Ubuntu (vivid) prior to 0.9.10.0-4ubuntu15.1, Ubuntu 14.10 prior to 0.9.8.8-0ubuntu28.1, and Ubuntu 14.04 LTS prior to 0.9.8.8-0ubuntu7.1 allows local users to change the modem device configuration or rea...
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.1
Ubuntu Network-manager
NA
CVE-2012-3520
The Netlink implementation in the Linux kernel prior to 3.2.30 does not properly handle messages that lack SCM_CREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to (1) Avahi or (2) NetworkManager.
Linux Linux Kernel 3.2.21
Linux Linux Kernel 2.3.21
Linux Linux Kernel 3.2.19
Linux Linux Kernel 3.2.23
Linux Linux Kernel 3.2.18
Linux Linux Kernel 3.2.5
Linux Linux Kernel 3.2.26
Linux Linux Kernel 2.3.28
Linux Linux Kernel
Linux Linux Kernel 2.3.26
Linux Linux Kernel 3.2
Linux Linux Kernel 3.2.16
Linux Linux Kernel 3.3.2
Linux Linux Kernel 3.2.27
Linux Linux Kernel 2.4.33.2
Linux Linux Kernel 2.3.27
Linux Linux Kernel 2.6.13.2
Linux Linux Kernel 3.2.11
Linux Linux Kernel 2.3.24
Linux Linux Kernel 2.6.33.2
Linux Linux Kernel 3.2.10
Linux Linux Kernel 3.2.14
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »