Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apport apport vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-7306
Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords. This issue affects: byobu
Byobu Byobu -
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
1.9
CVSSv2
CVE-2019-11482
Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that allowed a user to cause core files to be written in arbitrary directories.
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Apport Project Apport -
2.1
CVSSv2
CVE-2019-11485
Sander Bos discovered Apport's lock file was in a world-writable directory which allowed all users to prevent crash handling.
Apport Project Apport -
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
6.1
CVSSv2
CVE-2019-11481
Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get apport to read any file on the system as root, with unknown consequences.
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Apport Project Apport -
2.1
CVSSv2
CVE-2019-11483
Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local malicious user to generate a crash report for a privileged process that is readable by an unprivileged user.
Apport Project Apport -
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
4.4
CVSSv2
CVE-2019-7307
Apport prior to 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10-0ubuntu27.1, 2.20.11-0ubuntu5 contained a TOCTTOU vulnerability when reading the users ~/.apport-ignore.xml file, which allows a local malicious user to replace this file with a symlink to any...
Apport Project Apport 2.14.1
Apport Project Apport 2.20.1
Apport Project Apport 2.20.9
Apport Project Apport 2.20.10
7.2
CVSSv2
CVE-2015-1341
Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Apport prior to 2.19.2 function _python_module_path.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Canonical Apport
7.2
CVSSv2
CVE-2018-6552
Apport does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers. The is_...
Apport Project Apport 2.14.1
Apport Project Apport 2.20.9
Apport Project Apport 2.20.7
Apport Project Apport 2.20.1
6.9
CVSSv2
CVE-2015-1862
The crash reporting feature in Abrt allows local users to gain privileges by leveraging an execve by root after a chroot into a user-specified directory in a namedspaced environment.
Abrt Project Abrt
2 EDB exploits
7.2
CVSSv2
CVE-2017-14179
Apport prior to 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from conta...
Apport Project Apport
Canonical Ubuntu Linux 17.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »