Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian debian linux 10 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-6913
Heap-based buffer overflow in the pack function in Perl prior to 5.26.2 allows context-dependent malicious users to execute arbitrary code via a large item count.
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Perl Perl
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 12.04
9.8
CVSSv3
CVE-2018-7600
Drupal prior to 7.58, 8.x prior to 8.3.9, 8.4.x prior to 8.4.6, and 8.5.x prior to 8.5.1 allows remote malicious users to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
Drupal Drupal
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
3 EDB exploits
64 Github repositories
2 Articles
NA
CVE-2010-4078
The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel prior to 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call...
Linux Linux Kernel 2.6.36
Linux Linux Kernel
Suse Linux Enterprise Server 10
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Real Time Extension 11
Debian Debian Linux 5.0
NA
CVE-2010-4080
The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel prior to 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioc...
Linux Linux Kernel 2.6.36
Linux Linux Kernel
Suse Linux Enterprise Server 10
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Real Time Extension 11
Debian Debian Linux 5.0
5.5
CVSSv3
CVE-2008-3275
The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel prior to 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ("overflow...
Linux Linux Kernel
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Suse Suse Linux Enterprise Desktop 10
Suse Suse Linux Enterprise Server 10
NA
CVE-2007-6206
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain se...
Linux Linux Kernel 2.6.24
Linux Linux Kernel
Opensuse Opensuse 10.2
Opensuse Opensuse 10.3
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Server 10
Suse Linux Enterprise Real Time Extension 10
Suse Linux Enterprise Desktop 10
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux Server 4.0
Redhat Enterprise Linux Workstation 4.0
Redhat Enterprise Linux Eus 4.6
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
7.5
CVSSv3
CVE-2018-1308
This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion (XXE) in the `&dataConfig=<inlinexml>` parameter of Solr's DataImportHandler. It can be used as XXE using file/ftp/http protocols in order to read arbitrar...
Apache Solr
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2019-9735
An issue exists in the iptables firewall module in OpenStack Neutron prior to 10.0.8, 11.x prior to 11.0.7, 12.x prior to 12.0.6, and 13.x prior to 13.0.3. By setting a destination port in a security group rule along with a protocol that doesn't support that option (for exam...
Openstack Neutron
Redhat Openstack 10
Redhat Openstack 14
Redhat Openstack 13
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2008-0063
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote malicious users to obtain sensitive information, aka "Uninitialized stack values."
Mit Kerberos 5
Apple Mac Os X
Apple Mac Os X Server
Opensuse Opensuse 10.2
Opensuse Opensuse 10.3
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 10
Suse Linux 10.1
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Fedoraproject Fedora 8
Fedoraproject Fedora 7
NA
CVE-2009-1185
udev prior to 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.
Udev Project Udev
Opensuse Opensuse 11.1
Opensuse Opensuse 11.0
Opensuse Opensuse 10.3
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Debuginfo 10
Suse Linux Enterprise Debuginfo 11
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Fedoraproject Fedora 10
Fedoraproject Fedora 9
Juniper Ctpview
Juniper Ctpview 7.1
Juniper Ctpview 7.2
3 EDB exploits
3 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »