Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
login security project login security vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2006-5051
Signal handler race condition in OpenSSH prior to 4.4 allows remote malicious users to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.
Openbsd Openssh
Debian Debian Linux 3.1
Apple Mac Os X
Apple Mac Os X Server
7.8
CVSSv3
CVE-2022-2735
A vulnerability was found in the PCS project. This issue occurs due to incorrect permissions on a Unix socket used for internal communication between PCS daemons. A privilege escalation could happen by obtaining an authentication token for a hacluster user. With the "haclust...
Clusterlabs Pcs
Debian Debian Linux 11.0
7.8
CVSSv3
CVE-2017-5332
The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils prior to 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.
Icoutils Project Icoutils
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Eus 7.7
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Tus 7.7
Canonical Ubuntu Linux 12.04
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 10.0
Opensuse Leap 42.1
Opensuse Leap 42.2
7.8
CVSSv3
CVE-2017-5333
Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils prior to 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.
Icoutils Project Icoutils
Redhat Enterprise Linux Server Eus 7.7
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Aus 7.7
Canonical Ubuntu Linux 12.04
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 10.0
Opensuse Leap 42.1
Opensuse Leap 42.2
7.8
CVSSv3
CVE-2017-5331
Integer overflow in the check_offset function in b/wrestool/fileread.c in icoutils prior to 0.31.1 allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.
Icoutils Project Icoutils
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Opensuse Leap 42.2
7.8
CVSSv3
CVE-2018-15686
A vulnerability in unit_deserialize of systemd allows an malicious user to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd...
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 16.04
Systemd Project Systemd
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.4.0
1 EDB exploit
1 Github repository
7.8
CVSSv3
CVE-2018-16743
An issue exists in mgetty prior to 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy(), which can cause a stack-based buffer overflow.
Mgetty Project Mgetty
7.8
CVSSv3
CVE-2017-1000229
Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 allows an malicious user to remotely execute code or cause denial of service.
Optipng Project Optipng 0.7.6
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2017-6298
An issue exists in ytnef prior to 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked."
Ytnef Project Ytnef
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2017-6300
An issue exists in ytnef prior to 1.9.1. This is related to a patch described as "3 of 9. Buffer Overflow in version field in lib/tnef-types.h."
Ytnef Project Ytnef
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »