Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unprivileged vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2001-0351
Microsoft Windows 2000 telnet service allows a local user to make a certain system call that allows the user to terminate a Telnet session and cause a denial of service.
Microsoft Windows 2000
3.3
CVSSv3
CVE-2018-6556
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side e...
Canonical Ubuntu Linux 18.04
Linuxcontainers Lxc
Suse Suse Linux Enterprise Server 11
Suse Openstack Cloud 6
Suse Caas Platform 1.0
Suse Caas Platform 2.0
Opensuse Leap 15.0
1 Github repository
5.3
CVSSv3
CVE-2018-7169
An issue exists in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an malicious user to remove themselves from a supplementary group, which may allow access to certain ...
Shadow Project Shadow 4.5
5.5
CVSSv3
CVE-2020-5202
apt-cacher-ng up to and including 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The /usr/lib/apt-cacher-ng/acngtool program attempts to connect to apt-cacher-ng via TCP on localhost port 3142, even if the explicit SocketPath=/var/run/...
Apt-cacher-ng Project Apt-cacher-ng
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Backports Sle-15
9.1
CVSSv3
CVE-2021-29943
When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions before 8.8.2 would forward/proxy distributed requests using server credentials instead of original client credentials. This would result in incorrect authorization resolution on the receivin...
Apache Solr
5.5
CVSSv3
CVE-2019-18899
The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local malicious users to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions before...
Apt-cacher-ng Project Apt-cacher-ng
Opensuse Backports Sle-15
5.5
CVSSv3
CVE-2021-4115
There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and ...
Polkit Project Polkit 0.117
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 21.10
Debian Debian Linux 11.0
Oracle Zfs Storage Appliance Kit 8.8
8.8
CVSSv3
CVE-2017-3576
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are before 5.0.38 and before 5.1.20. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructur...
Oracle Vm Virtualbox
1 EDB exploit
6
CVSSv3
CVE-2020-29486
An issue exists in Xen up to and including 4.14.x. Nodes in xenstore have an ownership. In oxenstored, a owner could give a node away. However, node ownership has quota implications. Any guest can run another guest out of quota, or create an unbounded number of nodes owned by dom...
Xen Xen
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
NA
CVE-2015-0802
Mozilla Firefox prior to 37.0 relies on docshell type information instead of page principal information for Window.webidl access control, which might allow remote malicious users to execute arbitrary JavaScript code with chrome privileges via certain content navigation that lever...
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Mozilla Firefox
1 EDB exploit
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »