Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arp protocol vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2020-29130
slirp.c in libslirp up to and including 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.
Libslirp Project Libslirp
Debian Debian Linux 9.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
3.3
CVSSv2
CVE-2020-29443
ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated.
Qemu Qemu 5.1.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
2.1
CVSSv2
CVE-2020-25723
A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the ...
Qemu Qemu
Debian Debian Linux 10.0
2.1
CVSSv2
CVE-2020-27821
A flaw was found in the memory management API of QEMU during the initialization of a memory region cache. This issue could lead to an out-of-bounds write access to the MSI-X table while performing MMIO operations. A guest user may abuse this flaw to crash the QEMU process on the ...
Qemu Qemu
Debian Debian Linux 10.0
3.3
CVSSv2
CVE-2021-0292
An Uncontrolled Resource Consumption vulnerability in the ARP daemon (arpd) and Network Discovery Protocol (ndp) process of Juniper Networks Junos OS Evolved allows a malicious attacker on the local network to consume memory resources, ultimately resulting in a Denial of Service ...
Juniper Junos Os Evolved 19.4
Juniper Junos Os Evolved 20.1
Juniper Junos Os Evolved 20.2
4.6
CVSSv2
CVE-2010-2524
The DNS resolution functionality in the CIFS implementation in the Linux kernel prior to 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results ...
Linux Linux Kernel
Vmware Esx 4.1
Vmware Esx 4.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Suse Suse Linux Enterprise Server 11
Suse Suse Linux Enterprise Desktop 11
2.1
CVSSv2
CVE-2010-3875
The ax25_getname function in net/ax25/af_ax25.c in the Linux kernel prior to 2.6.37-rc2 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this structure.
Linux Linux Kernel 2.6.37
Linux Linux Kernel
Debian Debian Linux 5.0
2.1
CVSSv2
CVE-2010-4655
net/core/ethtool.c in the Linux kernel prior to 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability for an ethtool ioctl call.
Linux Linux Kernel
Vmware Esx 4.1
Vmware Esx 4.0
Canonical Ubuntu Linux 8.04
2.1
CVSSv2
CVE-2011-0710
The task_show_regs function in arch/s390/kernel/traps.c in the Linux kernel prior to 2.6.38-rc4-next-20110216 on the s390 platform allows local users to obtain the values of the registers of an arbitrary process by reading a status file under /proc/.
Linux Linux Kernel 2.6.38
Linux Linux Kernel
5.7
CVSSv2
CVE-2011-0695
Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote malicious users to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which ...
Linux Linux Kernel
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Eus 5.6
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server Aus 5.6
Redhat Enterprise Linux Workstation 5.0
Canonical Ubuntu Linux 8.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »