Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apparmor vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2016-1585
In all versions of AppArmor mount rules are accidentally widened when compiled.
Canonical Apparmor
1 Github repository
4.7
CVSSv2
CVE-2019-11190
The Linux kernel prior to 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.
Linux Linux Kernel
1.9
CVSSv2
CVE-2019-11191
The Linux kernel up to and including 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is called too late in load_aout_binary() in fs/binfmt_aout.c, and thus the ...
Linux Linux Kernel
4.6
CVSSv2
CVE-2018-4180
In macOS High Sierra prior to 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.
Apple Mac Os X
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 14.04
4.9
CVSSv2
CVE-2018-4181
In macOS High Sierra prior to 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.
Apple Mac Os X
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4.6
CVSSv2
CVE-2018-6553
The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. A local attacker could possibly use this issue to escape confinement. This flaw affects versions before 2.2.7-1ubuntu2.1 in Ubuntu 18.04 LTS, before 2.2.4-7ubuntu3.1 in Ubuntu 17.10, before...
Cups Cups -
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
5
CVSSv2
CVE-2017-5381
The "export" function in the Certificate Viewer can force local filesystem navigation when the "common name" in a certificate contains slashes, allowing certificate content to be saved in unsafe locations with an arbitrary filename. This vulnerability affects ...
Mozilla Firefox
4.3
CVSSv2
CVE-2017-5384
Proxy Auto-Config (PAC) files can specify a JavaScript function called for all URL requests with the full URL path which exposes more information than would be sent to the proxy itself in the case of HTTPS. Normally the Proxy Auto-Config file is specified by the user or machine o...
Mozilla Firefox
5
CVSSv2
CVE-2017-5388
A STUN server in conjunction with a large number of "webkitRTCPeerConnection" objects can be used to send large STUN packets in a short period of time due to a lack of rate limiting being applied on e10s systems, allowing for a denial of service attack. This vulnerabili...
Mozilla Firefox
7.5
CVSSv2
CVE-2017-5374
Memory safety bugs were reported in Firefox 50.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 51.
Mozilla Firefox
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »