Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
shadow vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-36159
Contec FXA3200 version 1.13 and under were discovered to contain a hard coded hash password for root stored in the component /etc/shadow. As the password strength is weak, it can be cracked in few minutes. Through this credential, a malicious actor can access the Wireless LAN Man...
Contec Fxa3000 Firmware
Contec Fxa3020 Firmware
Contec Fxa3200 Firmware
Contec Fxa2000 Firmware
1 Github repository
NA
CVE-2022-25641
Foxit PDF Reader prior to 11.2.2 and PDF Editor prior to 11.2.2, and PhantomPDF prior to 10.1.8, mishandle cross-reference information during compressed-object parsing within signed documents. This leads to delivery of incorrect signature information via an Incremental Saving Att...
Foxit Pdf Editor
Foxit Pdf Reader
Foxit Phantompdf
NA
CVE-2022-33745
insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable cha...
Xen Xen
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
2.1
CVSSv2
CVE-2022-30154
Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows 10 20h2
Microsoft Windows Server 2022 -
6.9
CVSSv2
CVE-2022-1789
With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference.
Linux Linux Kernel
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Redhat Enterprise Linux 9.0
Debian Debian Linux 11.0
5
CVSSv2
CVE-2022-29588
Konica Minolta bizhub MFP devices prior to 2022-04-14 use cleartext password storage for the /var/log/nginx/html/ADMINPASS and /etc/shadow files.
Konicaminolta Bizhub 226i Firmware
Konicaminolta Bizhub 227 Firmware
Konicaminolta Bizhub 246i Firmware
Konicaminolta Bizhub 287 Firmware
Konicaminolta Bizhub 306i Firmware
Konicaminolta Bizhub 308 Firmware
Konicaminolta Bizhub 308e Firmware
Konicaminolta Bizhub 367 Firmware
Konicaminolta Bizhub 368 Firmware
Konicaminolta Bizhub 368e Firmware
Konicaminolta Bizhub 4052 Firmware
Konicaminolta Bizhub 458 Firmware
Konicaminolta Bizhub 458e Firmware
Konicaminolta Bizhub 4752 Firmware
Konicaminolta Bizhub 558 Firmware
Konicaminolta Bizhub 558e Firmware
Konicaminolta Bizhub 658e Firmware
Konicaminolta Bizhub 758 Firmware
Konicaminolta Bizhub 808 Firmware
Konicaminolta Bizhub 958 Firmware
Konicaminolta Bizhub C227 Firmware
Konicaminolta Bizhub C250i Firmware
6.9
CVSSv2
CVE-2022-1537
file.copy operations in GruntJS are vulnerable to a TOCTOU race condition leading to arbitrary file write in GitHub repository gruntjs/grunt before 1.5.3. This vulnerability is capable of arbitrary file writes which can lead to local privilege escalation to the GruntJS user if a ...
Gruntjs Grunt
2 Github repositories
6.4
CVSSv2
CVE-2022-22795
Signiant - Manager+Agents XML External Entity (XXE) - Extract internal files of the affected machine An attacker can read all the system files, the product is running with root on Linux systems and nt/authority on windows systems, which allows him to access and extract any file o...
Signiant Manager\\+agents
Signiant Manager\\+agents 14.0
Signiant Manager\\+agents 15.0
2.1
CVSSv2
CVE-2021-3732
A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible.
Linux Linux Kernel 5.14
Linux Linux Kernel
7.2
CVSSv2
CVE-2021-3656
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" fiel...
Linux Linux Kernel 5.14
Linux Linux Kernel
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Redhat Software Collections -
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Real Time 7
Redhat Enterprise Linux For Real Time For Nfv 7
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »