Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linux vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2024-23653
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In addition to running containers as build steps, BuildKit also provides APIs for running interactive containers based on built images. It was possible to use th...
Mobyproject Buildkit
3 Github repositories
9.8
CVSSv3
CVE-2023-6816
A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular num...
X.org Xwayland
X.org Xorg-server
Fedoraproject Fedora 39
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Debian Debian Linux 10.0
9.8
CVSSv3
CVE-2023-6395
The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja...
Rpm-software-management Mock -
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Extra Packages For Enterprise Linux 9.0
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 38
Fedoraproject Fedora 39
9.8
CVSSv3
CVE-2023-49569
A path traversal vulnerability exists in go-git versions prior to v5.11. This vulnerability allows an malicious user to create and amend files across the filesystem. In the worse case scenario, remote code execution could be achieved. Applications are only affected if they are us...
Go-git Project Go-git
1 Github repository
9.8
CVSSv3
CVE-2023-50919
An issue exists on GL.iNet devices before version 4.5.0. There is an NGINX authentication bypass via Lua string pattern matching. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4....
Gl-inet Gl-ax1800 Firmware 4.3.7
Gl-inet Gl-ax1800 Firmware 4.4.6
Gl-inet Gl-axt1800 Firmware 4.3.7
Gl-inet Gl-axt1800 Firmware 4.4.6
Gl-inet Gl-mt3000 Firmware 4.3.7
Gl-inet Gl-mt3000 Firmware 4.4.6
Gl-inet Gl-mt2500 Firmware 4.3.7
Gl-inet Gl-mt2500 Firmware 4.4.6
Gl-inet Gl-mt6000 Firmware 4.3.7
Gl-inet Gl-mt6000 Firmware 4.4.6
Gl-inet Gl-mt1300 Firmware 4.3.7
Gl-inet Gl-mt1300 Firmware 4.4.6
Gl-inet Gl-mt300n-v2 Firmware 4.3.7
Gl-inet Gl-mt300n-v2 Firmware 4.4.6
Gl-inet Gl-ar750s Firmware 4.3.7
Gl-inet Gl-ar750s Firmware 4.4.6
Gl-inet Gl-ar750 Firmware 4.3.7
Gl-inet Gl-ar750 Firmware 4.4.6
Gl-inet Gl-ar300m Firmware 4.3.7
Gl-inet Gl-ar300m Firmware 4.4.6
Gl-inet Gl-b1300 Firmware 4.3.7
Gl-inet Gl-b1300 Firmware 4.4.6
1 Metasploit module
9.8
CVSSv3
CVE-2023-40414
A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 10, iOS 17 and iPadOS 17, tvOS 17, macOS Sonoma 14, Safari 17. Processing web content may lead to arbitrary code execution.
Apple Macos
Apple Watchos
Apple Iphone Os
Apple Ipados
Apple Tvos
Apple Safari
9.8
CVSSv3
CVE-2023-51714
An issue exists in the HTTP2 implementation in Qt prior to 5.15.17, 6.x prior to 6.2.11, 6.3.x up to and including 6.5.x prior to 6.5.4, and 6.6.x prior to 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check.
Qt Qt
9.8
CVSSv3
CVE-2023-46850
Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer.
Openvpn Openvpn
Openvpn Openvpn Access Server
Debian Debian Linux 12.0
Fedoraproject Fedora 39
9.8
CVSSv3
CVE-2023-5550
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution.
Moodle Moodle
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 38
9.8
CVSSv3
CVE-2023-3961
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR LSA or SPOOLSS, whic...
Samba Samba
Redhat Enterprise Linux 8.0
Redhat Storage 3.0
Redhat Enterprise Linux Eus 9.0
Fedoraproject Fedora 39
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »