Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
echo security vulnerabilities and exploits
(subscribe to this query)
7
CVSSv3
CVE-2017-2636
Race condition in drivers/tty/n_hdlc.c in the Linux kernel up to and including 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
Linux Linux Kernel
Debian Debian Linux 8.0
3 Github repositories
1 Article
7.5
CVSSv3
CVE-2023-20049
A vulnerability in the bidirectional forwarding detection (BFD) hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauth...
Cisco Ios Xr
Cisco Ios Xr 7.7
5.5
CVSSv3
CVE-2017-6353
net/sctp/socket.c in the Linux kernel up to and including 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: th...
Linux Linux Kernel
1 Github repository
9.8
CVSSv3
CVE-2015-4852
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote malicious users to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core....
Oracle Virtual Desktop Infrastructure
Oracle Weblogic Server 12.2.1.0.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.1.2.0.0
Oracle Storagetek Tape Analytics Sw Tool 2.3
2 EDB exploits
13 Github repositories
6.1
CVSSv3
CVE-2022-45411
Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies inaccessible to JavaScript (such as cookies protected by HTTPOnly). To mitigate this attack, browsers placed limits on <...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
NA
CVE-2013-2206
The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel prior to 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote malicious users to cause a denial of se...
Linux Linux Kernel 3.2.21
Linux Linux Kernel 3.4.30
Linux Linux Kernel 3.4.4
Linux Linux Kernel 3.0.25
Linux Linux Kernel 3.1.2
Linux Linux Kernel 3.4.11
Linux Linux Kernel 3.0
Linux Linux Kernel 3.2.19
Linux Linux Kernel 3.0.22
Linux Linux Kernel 3.2.23
Linux Linux Kernel 3.4.26
Linux Linux Kernel 3.4.13
Linux Linux Kernel 3.6.7
Linux Linux Kernel 3.0.5
Linux Linux Kernel 3.5.2
Linux Linux Kernel 3.4.1
Linux Linux Kernel 3.2.18
Linux Linux Kernel 3.0.68
Linux Linux Kernel 3.3
Linux Linux Kernel 3.0.38
Linux Linux Kernel 3.8.2
Linux Linux Kernel 3.1
7.5
CVSSv3
CVE-2019-15890
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
Libslirp Project Libslirp 4.0.0
Qemu Qemu 4.1.0
7.8
CVSSv3
CVE-2017-6345
The LLC subsystem in the Linux kernel prior to 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.
Linux Linux Kernel
1 Github repository
5.5
CVSSv3
CVE-2017-6348
The hashbin_delete function in net/irda/irqueue.c in the Linux kernel prior to 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices.
Linux Linux Kernel
5.5
CVSSv3
CVE-2021-46945
In the Linux kernel, the following vulnerability has been resolved: ext4: always panic when errors=panic is specified Before commit 014c9caa29d3 ("ext4: make ext4_abort() use __ext4_error()"), the following series of commands would trigger a panic: 1. mount /dev/sda -o ...
Linux Linux Kernel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »