Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jon oberheide vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-3001
The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel 2.6.31-rc7 and previous versions does not initialize a certain data structure, which allows local users to read the contents of some kernel memory locations by calling getsockname on an AF_LLC socket.
Linux Linux Kernel 2.6.31
Linux Linux Kernel
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
1 EDB exploit
NA
CVE-2007-2232
The CHECK command in Cosign 2.0.1 and previous versions allows remote malicious users to bypass authentication requirements via CR (\r) sequences in the cosign cookie parameter.
Cosign Cosign 0.7.0
Cosign Cosign 1.7
Cosign Cosign 1.8
Cosign Cosign 1.5
Cosign Cosign 1.6
Cosign Cosign 0.8.0
Cosign Cosign 0.9.0
Cosign Cosign 1.8.5
Cosign Cosign 1.9
Cosign Cosign 1.0
Cosign Cosign 1.1
Cosign Cosign 2.0.1
1 EDB exploit
NA
CVE-2007-2233
cosign-bin/cosign.cgi in Cosign 2.0.2 and previous versions allows remote authenticated users to perform unauthorized actions as an arbitrary user by using CR (\r) sequences in the service parameter to inject LOGIN and REGISTER commands with the desired username.
Cosign Cosign 0.7.0
Cosign Cosign 0.8.0
Cosign Cosign 1.8
Cosign Cosign 1.8.5
Cosign Cosign 1.1
Cosign Cosign 1.5
Cosign Cosign 0.9.0
Cosign Cosign 1.0
Cosign Cosign 1.9
Cosign Cosign 2.0.1
Cosign Cosign 2.0.2
Cosign Cosign 1.6
Cosign Cosign 1.7
1 EDB exploit
NA
CVE-2010-1146
The Linux kernel 2.6.33.2 and previous versions, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a ...
Linux Linux Kernel
1 EDB exploit
NA
CVE-2009-1185
udev prior to 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.
Udev Project Udev
Opensuse Opensuse 11.1
Opensuse Opensuse 11.0
Opensuse Opensuse 10.3
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Debuginfo 10
Suse Linux Enterprise Debuginfo 11
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Fedoraproject Fedora 10
Fedoraproject Fedora 9
Juniper Ctpview
Juniper Ctpview 7.1
Juniper Ctpview 7.2
3 EDB exploits
3 Github repositories
NA
CVE-2010-4073
The ipc subsystem in the Linux kernel prior to 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl, and (3) compat_...
Linux Linux Kernel
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Suse Linux Enterprise Server 9
Opensuse Opensuse 11.3
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Real Time Extension 11
Debian Debian Linux 5.0
1 EDB exploit
NA
CVE-2009-3002
The Linux kernel prior to 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on (1) an AF_APPLETALK socket, related to the atalk_getname function in ...
Linux Linux Kernel 2.6.31
Linux Linux Kernel
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
2 EDB exploits
NA
CVE-2010-3850
The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel prior to 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call.
Linux Linux Kernel
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 9
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Real Time Extension 11
Debian Debian Linux 5.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
2 EDB exploits
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3