Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ubuntu core vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2020-11933
cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass inten...
Canonical Snapd
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
571
VMScore
CVE-2020-8927
A buffer overflow exists in the Brotli library versions before 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended...
Google Brotli
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.2
Microsoft Visual Studio 2019
Microsoft .net
Microsoft .net Core
Microsoft Powershell
Microsoft Visual Studio 2022 17.1
Microsoft Visual Studio 2022
209
VMScore
CVE-2017-5715
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Intel Atom C C2308
Intel Atom C C2316
Intel Atom C C2338
Intel Atom C C2350
Intel Atom C C2358
Intel Atom C C2508
Intel Atom C C2516
Intel Atom C C2518
Intel Atom C C2530
Intel Atom C C2538
Intel Atom C C2550
Intel Atom C C2558
Intel Atom C C2718
Intel Atom C C2730
Intel Atom C C2738
Intel Atom C C2750
Intel Atom C C2758
Intel Atom C C3308
Intel Atom C C3338
Intel Atom C C3508
Intel Atom C C3538
Intel Atom C C3558
1 EDB exploit
47 Github repositories
9 Articles
641
VMScore
CVE-2015-1324
Apport prior to 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, prior to 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, prior to 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and prior to 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrar...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
488
VMScore
CVE-2017-5753
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Intel Atom C C2308
Intel Atom C C2316
Intel Atom C C2338
Intel Atom C C2350
Intel Atom C C2358
Intel Atom C C2508
Intel Atom C C2516
Intel Atom C C2518
Intel Atom C C2530
Intel Atom C C2538
Intel Atom C C2550
Intel Atom C C2558
Intel Atom C C2718
Intel Atom C C2730
Intel Atom C C2738
Intel Atom C C2750
Intel Atom C C2758
Intel Atom C C3308
Intel Atom C C3338
Intel Atom C C3508
Intel Atom C C3538
Intel Atom C C3558
1 EDB exploit
42 Github repositories
9 Articles
1000
VMScore
CVE-2004-0989
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote malicious users to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data...
Xmlsoft Libxml 1.8.17
Xmlsoft Libxml2 2.5.11
Xmlsoft Libxml2 2.6.9
Xmlstarlet Command Line Xml Toolkit 0.9.1
Xmlsoft Libxml2 2.6.11
Xmlsoft Libxml2 2.6.12
Xmlsoft Libxml2 2.6.13
Xmlsoft Libxml2 2.6.14
Xmlsoft Libxml2 2.6.6
Xmlsoft Libxml2 2.6.7
Xmlsoft Libxml2 2.6.8
Redhat Fedora Core Core 2.0
Trustix Secure Linux 2.0
Trustix Secure Linux 2.1
Ubuntu Ubuntu Linux 4.1
1 EDB exploit
641
VMScore
CVE-2017-14177
Apport up to and including 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. NOTE: this vul...
Apport Project Apport
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.04
Canonical Ubuntu Linux 14.04
695
VMScore
CVE-2015-1325
Race condition in Apport prior to 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, prior to 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, prior to 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and prior to 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to...
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
1 EDB exploit
169
VMScore
CVE-2020-11934
It exists that snapctl user-open allowed altering the $XDG_DATA_DIRS environment variable when calling the system xdg-open. OpenURL() in usersession/userd/launcher.go would alter $XDG_DATA_DIRS to append a path to a directory controlled by the calling snap. A malicious snap could...
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
449
VMScore
CVE-2018-17199
In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.
Apache Http Server
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Santricity Cloud Connector -
Netapp Storage Automation Store -
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Oracle Enterprise Manager Ops Center 12.3.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »