Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
erik vulnerabilities and exploits
(subscribe to this query)
8
CVSSv3
CVE-2023-40315
In OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 and related Meridian versions, any user that has the ROLE_FILESYSTEM_EDITOR can easily escalate their privileges to ROLE_ADMIN or any other role. The solution is to upgrade to Meridian 2023.1.5 or Horizon 32.0.2 or newer....
Opennms Horizon
Opennms Meridian
8
CVSSv3
CVE-2023-0872
The Horizon REST API includes a users endpoint in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms is vulnerable to elevation of privilege. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Me...
Opennms Horizon
Opennms Meridian
NA
CVE-2011-3848
Directory traversal vulnerability in Puppet 2.6.x prior to 2.6.10 and 2.7.x prior to 2.7.4 allows remote malicious users to write X.509 Certificate Signing Request (CSR) to arbitrary locations via (1) a double-encoded key parameter in the URI in 2.7.x, (2) the CN in the Subject o...
Puppet Puppet 2.6.2
Puppet Puppet 2.6.3
Puppetlabs Puppet 2.7.0
Puppetlabs Puppet 2.7.1
Puppet Puppet 2.6.0
Puppet Puppet 2.6.1
Puppet Puppet 2.6.8
Puppet Puppet 2.6.9
Puppet Puppet 2.6.6
Puppet Puppet 2.6.7
Puppet Puppet 2.6.4
Puppet Puppet 2.6.5
Puppet Puppet 2.7.2
Puppet Puppet 2.7.3
NA
CVE-2009-1788
Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 up to and including 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a VOC f...
Nullsoft Winamp 5.541
Nullsoft Winamp 5.51
Mega-nerd Libsndfile 1.0.17
Mega-nerd Libsndfile 1.0.16
Nullsoft Winamp 5.552
Mega-nerd Libsndfile 1.0.15
Nullsoft Winamp 5.55
Nullsoft Winamp 5.54
Mega-nerd Libsndfile 1.0.19
Mega-nerd Libsndfile 1.0.18
Nullsoft Winamp 5.52
Nullsoft Winamp 5.5
NA
CVE-2009-1791
Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 up to and including 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via an AIF...
Mega-nerd Libsndfile 1.0.16
Mega-nerd Libsndfile 1.0.15
Nullsoft Winamp 5.552
Mega-nerd Libsndfile 1.0.19
Nullsoft Winamp 5.51
Nullsoft Winamp 5.52
Mega-nerd Libsndfile 1.0.18
Mega-nerd Libsndfile 1.0.17
Nullsoft Winamp 5.5
Nullsoft Winamp 5.55
Nullsoft Winamp 5.54
Nullsoft Winamp 5.541
NA
CVE-2011-3869
Puppet 2.7.x prior to 2.7.5, 2.6.x prior to 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file.
Puppetlabs Puppet 2.7.0
Puppet Puppet 2.7.3
Puppet Puppet 2.6.1
Puppet Puppet 2.6.8
Puppet Puppet 2.7.2
Puppetlabs Puppet 2.7.1
Puppet Puppet 2.6.3
Puppet Puppet 2.6.2
Puppet Puppet 2.6.9
Puppet Puppet 2.6.4
Puppet Puppet 2.6.5
Puppet Puppet 2.6.10
Puppet Puppet 2.7.4
Puppet Puppet 2.6.0
Puppet Puppet 2.6.7
Puppet Puppet 2.6.6
Puppet Puppet 0.25.1
Puppet Puppet 0.25.2
Puppet Puppet 0.25.3
Puppet Puppet 0.25.0
Puppet Puppet 0.25.6
Puppet Puppet 0.25.4
NA
CVE-2011-3870
Puppet 2.7.x prior to 2.7.5, 2.6.x prior to 2.6.11, and 0.25.x allows local users to modify the permissions of arbitrary files via a symlink attack on the SSH authorized_keys file.
Puppetlabs Puppet 2.7.0
Puppet Puppet 2.7.4
Puppet Puppet 2.6.2
Puppet Puppet 2.6.1
Puppet Puppet 2.7.2
Puppetlabs Puppet 2.7.1
Puppet Puppet 2.6.4
Puppet Puppet 2.6.3
Puppet Puppet 2.6.10
Puppet Puppet 2.6.0
Puppet Puppet 2.6.6
Puppet Puppet 2.6.5
Puppet Puppet 2.7.3
Puppet Puppet 2.6.9
Puppet Puppet 2.6.8
Puppet Puppet 2.6.7
Puppet Puppet 0.25.3
Puppet Puppet 0.25.2
Puppet Puppet 0.25.4
Puppet Puppet 0.25.5
Puppet Puppet 0.25.1
Puppet Puppet 0.25.0
NA
CVE-2011-3871
Puppet 2.7.x prior to 2.7.5, 2.6.x prior to 2.6.11, and 0.25.x, when running in --edit mode, uses a predictable file name, which allows local users to run arbitrary Puppet code or trick a user into editing arbitrary files.
Puppet Puppet 2.7.2
Puppetlabs Puppet 2.7.1
Puppet Puppet 2.6.4
Puppet Puppet 2.6.3
Puppet Puppet 2.6.10
Puppet Puppet 2.6.0
Puppet Puppet 2.6.6
Puppet Puppet 2.6.5
Puppetlabs Puppet 2.7.0
Puppet Puppet 2.7.4
Puppet Puppet 2.6.2
Puppet Puppet 2.6.1
Puppet Puppet 2.7.3
Puppet Puppet 2.6.9
Puppet Puppet 2.6.8
Puppet Puppet 2.6.7
Puppet Puppet 0.25.4
Puppet Puppet 0.25.5
Puppet Puppet 0.25.3
Puppet Puppet 0.25.2
Puppet Puppet 0.25.1
Puppet Puppet 0.25.0
7
CVSSv3
CVE-2019-11486
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel prior to 5.0.8 has multiple race conditions.
Linux Linux Kernel
Debian Debian Linux 9.0
Opensuse Leap 42.3
Opensuse Leap 15.1
Netapp Active Iq -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Snapprotect -
Netapp Vasa Provider For Clustered Data Ontap 9.7
Netapp Storage Replication Adapter For Clustered Data Ontap 9.7
Netapp Virtual Storage Console 9.7
9.8
CVSSv3
CVE-2019-10126
A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.
Linux Linux Kernel
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Real Time 7
Redhat Enterprise Linux For Real Time For Nfv 7
Redhat Virtualization 4.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Eus 7.7
Redhat Enterprise Linux Server 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Aus 8.2
Redhat Enterprise Linux For Real Time 8
Redhat Enterprise Linux Aus 8.4
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux For Real Time For Nfv Tus 8.4
Redhat Enterprise Linux For Real Time For Nfv Tus 8.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »