Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian shadow vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-19583
An issue exists in Xen up to and including 4.12.x allowing x86 HVM/PVH guest OS users to cause a denial of service (guest OS crash) because VMX VMEntry checks mishandle a certain case. Please see XSA-260 for background on the MovSS shadow. Please see XSA-156 for background on the...
Xen Xen
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.1
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2019-18421
An issue exists in Xen up to and including 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. There are issues with restartable PV type change operations. To avoid using shadow pagetables ...
Xen Xen
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.0
7
CVSSv3
CVE-2021-40490
A race condition exists in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel up to and including 5.13.13.
Linux Linux Kernel
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Debian Debian Linux 11.0
Netapp Aff A250 Firmware -
Netapp Fas 500f Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Netapp H610c Firmware -
Netapp H610s Firmware -
Netapp H615c Firmware -
6.8
CVSSv3
CVE-2022-1789
With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference.
Linux Linux Kernel
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Redhat Enterprise Linux 9.0
Debian Debian Linux 11.0
6.8
CVSSv3
CVE-2021-38204
drivers/usb/host/max3421-hcd.c in the Linux kernel prior to 5.13.6 allows physically proximate malicious users to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations.
Linux Linux Kernel
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2021-38199
fs/nfs/nfs4client.c in the Linux kernel prior to 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection.
Linux Linux Kernel
Netapp Hci Bootstrap Os -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Element Software -
Debian Debian Linux 9.0
Debian Debian Linux 11.0
6.5
CVSSv3
CVE-2020-3702
u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Comp...
Qualcomm Apq8053 Firmware -
Qualcomm Ipq4019 Firmware -
Qualcomm Ipq8064 Firmware -
Qualcomm Msm8909w Firmware -
Qualcomm Msm8996au Firmware -
Qualcomm Qca9531 Firmware -
Qualcomm Qcn5502 Firmware -
Qualcomm Qcs405 Firmware -
Qualcomm Sdx20 Firmware -
Qualcomm Sm6150 Firmware -
Qualcomm Sm7150 Firmware -
Debian Debian Linux 10.0
Arista Access Point
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2020-15563
An issue exists in Xen up to and including 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. An inverted conditional in x86 HVM guests' dirty video RAM tracking code allows such guests to make Xen de-reference a pointer guaranteed to point at unmapped spac...
Xen Xen
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.2
6.5
CVSSv3
CVE-2019-13750
Insufficient data validation in SQLite in Google Chrome before 79.0.3945.79 allowed a remote malicious user to bypass defense-in-depth measures via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux For Scientific Computing 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 6.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
6.5
CVSSv3
CVE-2019-13751
Uninitialized data in SQLite in Google Chrome before 79.0.3945.79 allowed a remote malicious user to obtain potentially sensitive information from process memory via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux For Scientific Computing 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 6.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »