Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alpine vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-9671
A heap overflow in apk (Alpine Linux's package manager) allows a remote malicious user to cause a denial of service, or achieve code execution, by crafting a malicious APKINDEX.tar.gz file with a bad pax header block.
Alpinelinux Alpine Linux -
1 Article
7.5
CVSSv3
CVE-2022-23553
Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows URL access filter bypass. This issue has been fixed in version 1.10.4. There are no known workarounds.
Alpine Project Alpine
7.5
CVSSv3
CVE-2021-30139
In Alpine Linux apk-tools prior to 2.12.5, the tarball parser allows a buffer overflow and crash.
2 Github repositories
7.5
CVSSv3
CVE-2020-14929
Alpine prior to 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do.
Alpine Project Alpine
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 8.0
6.7
CVSSv3
CVE-2020-15596
The ALPS ALPINE touchpad driver prior to 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows malicious users to conduct Path Disclosure attacks via a "fake" DLL file.
Hp Elite X2 1012 G1 Firmware
Hp Elite X2 1012 G2 Firmware
Hp Elitebook 1030 G1 Firmware
Hp Elitebook 1040 G4 Firmware
Hp Elitebook Folio 1040 G3 Firmware
Hp Elitebook Folio G1 Firmware
Hp Elitebook Revolve 810 G2 Firmware
Hp Elitebook Revolve 810 G3 Firmware
Hp Elitebook X360 1020 G2 Firmware
Hp Elitebook X360 1030 G2 Firmware
Hp Pro X2 612 G2 Firmware
Hp Zbook Studio G3 Firmware
Hp Zbook Studio G4 Firmware
Hp Zbook X2 G4 Firmware
6.5
CVSSv3
CVE-2015-9432
The alpine-photo-tile-for-instagram plugin prior to 1.2.7.6 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=alpine-photo-tile-for-instagram-settings tab parameter.
Thealpinepress Alpine-photo-tile-for-instagram
6.5
CVSSv3
CVE-2019-12875
Alpine Linux abuild up to and including 3.4.0 allows an unprivileged member of the abuild group to add an untrusted package via a --keys-dir option that causes acceptance of an untrusted signing key.
Alpinelinux Abuild
6.1
CVSSv3
CVE-2017-20087
A vulnerability, which was classified as problematic, has been found in Alpine PhotoTile for Instagram Plugin 1.2.7.7. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely.
Thealpinepress Alpine-photo-tile-for-instagram 1.2.7.7
5.9
CVSSv3
CVE-2021-46853
Alpine prior to 2.25 allows remote malicious users to cause a denial of service (application crash) when LIST or LSUB is sent before STARTTLS.
Alpine Project Alpine
5.9
CVSSv3
CVE-2021-38370
In Alpine prior to 2.25, untagged responses from an IMAP server are accepted before STARTTLS.
Alpine Project Alpine
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »