Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tavis ormandy vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2007-4829
Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and previous versions allows user-assisted remote malicious users to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences.
Archive\\ \\ Tar Project
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 7.10
409
VMScore
CVE-2015-3255
The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) prior to 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions.
Polkit Project Polkit
605
VMScore
CVE-2018-16543
In Artifex Ghostscript prior to 9.24, gssetresolution and gsgetresolution allow malicious users to have an unspecified impact.
Artifex Ghostscript
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
365
VMScore
CVE-2015-3202
fusermount in FUSE prior to 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount's debugging feature.
Debian Debian Linux 8.0
Fuse Project Fuse
1 EDB exploit
409
VMScore
CVE-2005-1704
Integer overflow in the Binary File Descriptor (BFD) library for gdb prior to 6.3, binutils, elfutils, and possibly other packages, allows user-assisted malicious users to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading t...
Gnu Gdb
614
VMScore
CVE-2008-5302
Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is...
Perl File\\ \\
614
VMScore
CVE-2008-5303
Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related...
Perl File\\ \\
383
VMScore
CVE-2007-5268
pngrtran.c in libpng prior to 1.0.29 and 1.2.x prior to 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote malicious users to cause a denial of service (crash) via a crafted PNG image.
Libpng Libpng
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 7.04
828
VMScore
CVE-2008-0888
The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or...
Info-zip Unzip
641
VMScore
CVE-2007-2893
Heap-based buffer overflow in the bx_ne2k_c::rx_frame function in iodev/ne2k.cc in the emulated NE2000 device in Bochs 2.3 allows local users of the guest operating system to write to arbitrary memory locations and gain privileges on the host operating system via vectors that cau...
Bochs Project Bochs 2.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »