Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu gnu patch vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2012-3410
Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash prior to 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix.
Gnu Bash 4.2
1.9
CVSSv2
CVE-2015-1197
cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive.
Gnu Cpio 2.11
1 Metasploit module
1 Article
4
CVSSv2
CVE-2023-0687
A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix thi...
Gnu Glibc
7.2
CVSSv2
CVE-2019-18276
An issue exists in disable_priv_mode in shell.c in GNU Bash up to and including 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Lin...
Gnu Bash
Gnu Bash 5.0
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Oncommand Unified Manager
Oracle Communications Cloud Native Core Policy 1.14.0
3 Github repositories
5
CVSSv2
CVE-2005-0080
The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 displays a different error message depending on whether the e-mail address is subscribed to a private list, which allows remote malicious users to determine the list membership for a given e-mail address.
Gnu Mailman 2.1.5
Ubuntu Ubuntu Linux 4.10
2.1
CVSSv2
CVE-2003-0367
znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Gnu Gzip
Debian Debian Linux 2.2
Debian Debian Linux 3.0
NA
CVE-2023-4001
An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature. An attacker capable of attaching an external drive such as a USB stick...
Gnu Grub2 -
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 38
Fedoraproject Fedora 39
2.6
CVSSv2
CVE-2005-1918
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted malicious users to overwrite arbitrary files via a crafted tar file, probably involving &q...
Gnu Tar 1.13.25
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux Desktop 3.0
Redhat Linux Advanced Workstation 2.1
Redhat Enterprise Linux 3.0
5
CVSSv2
CVE-2005-4347
The Linux 2.4 kernel patch in kernel-patch-vserver prior to 1.9.5.5 and 2.x prior to 2.3 for Debian GNU/Linux does not correctly set the "chroot barrier" with util-vserver, which allows malicious users to access files on the host system that are outside of the vserver.
Debian Kernel-patch-vserver
Debian Debian Linux 3.0
Debian Debian Linux 3.1
4.3
CVSSv2
CVE-2008-4989
The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS prior to 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle malicious users to insert a spoofed cer...
Gnu Gnutls
Fedoraproject Fedora 9
Fedoraproject Fedora 8
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 4.0
Suse Linux Enterprise Server 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise 11.0
Suse Linux Enterprise 10.0
Opensuse Opensuse
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »