Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
echo security vulnerabilities and exploits
(subscribe to this query)
7
CVSSv3
CVE-2017-2636
Race condition in drivers/tty/n_hdlc.c in the Linux kernel up to and including 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
Linux Linux Kernel
Debian Debian Linux 8.0
3 Github repositories
1 Article
7.5
CVSSv3
CVE-2023-20049
A vulnerability in the bidirectional forwarding detection (BFD) hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauth...
Cisco Ios Xr
Cisco Ios Xr 7.7
5.5
CVSSv3
CVE-2017-6353
net/sctp/socket.c in the Linux kernel up to and including 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: th...
Linux Linux Kernel
1 Github repository
9.8
CVSSv3
CVE-2015-4852
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote malicious users to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core....
Oracle Virtual Desktop Infrastructure
Oracle Weblogic Server 12.2.1.0.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.1.2.0.0
Oracle Storagetek Tape Analytics Sw Tool 2.3
2 EDB exploits
12 Github repositories
7.5
CVSSv3
CVE-2019-15890
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
Libslirp Project Libslirp 4.0.0
Qemu Qemu 4.1.0
6.1
CVSSv3
CVE-2022-45411
Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies inaccessible to JavaScript (such as cookies protected by HTTPOnly). To mitigate this attack, browsers placed limits on <...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
3.3
CVSSv3
CVE-2018-11567
before 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. The reprompt feature is designed so that if Alexa does not receive an input within 8 seconds, the device can speak a reprompt, then wait an additional 8 seconds for input; if ...
Amazon Echo Show Firmware
Amazon Echo Plus Firmware
Amazon Echo Dot Firmware
Amazon Echo Spot Firmware
Amazon Echo Firmware
NA
CVE-2013-2206
The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel prior to 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote malicious users to cause a denial of se...
Linux Linux Kernel 3.2.21
Linux Linux Kernel 3.4.30
Linux Linux Kernel 3.4.4
Linux Linux Kernel 3.0.25
Linux Linux Kernel 3.1.2
Linux Linux Kernel 3.4.11
Linux Linux Kernel 3.0
Linux Linux Kernel 3.2.19
Linux Linux Kernel 3.0.22
Linux Linux Kernel 3.2.23
Linux Linux Kernel 3.4.26
Linux Linux Kernel 3.4.13
Linux Linux Kernel 3.6.7
Linux Linux Kernel 3.0.5
Linux Linux Kernel 3.5.2
Linux Linux Kernel 3.4.1
Linux Linux Kernel 3.2.18
Linux Linux Kernel 3.0.68
Linux Linux Kernel 3.3
Linux Linux Kernel 3.0.38
Linux Linux Kernel 3.8.2
Linux Linux Kernel 3.1
7.8
CVSSv3
CVE-2017-6345
The LLC subsystem in the Linux kernel prior to 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.
Linux Linux Kernel
1 Github repository
5.5
CVSSv3
CVE-2017-6348
The hashbin_delete function in net/irda/irqueue.c in the Linux kernel prior to 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices.
Linux Linux Kernel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »