Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
systemd vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-9669
A heap overflow in apk (Alpine Linux's package manager) allows a remote malicious user to cause a denial of service, or achieve code execution by crafting a malicious APKINDEX.tar.gz file.
Alpinelinux Alpine Linux -
1 Article
7.8
CVSSv3
CVE-2017-9671
A heap overflow in apk (Alpine Linux's package manager) allows a remote malicious user to cause a denial of service, or achieve code execution, by crafting a malicious APKINDEX.tar.gz file with a bad pax header block.
Alpinelinux Alpine Linux -
1 Article
7.8
CVSSv3
CVE-2016-10156
A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local malicious users to escalate their privileges to root. This is fixed in v229.
Systemd Project Systemd 228
1 EDB exploit
1 Article
7.5
CVSSv3
CVE-2021-41281
Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory. No authentication is required for the aff...
Matrix Synapse
Fedoraproject Fedora 34
Fedoraproject Fedora 35
7.5
CVSSv3
CVE-2021-36754
PowerDNS Authoritative Server 4.5.0 prior to 4.5.1 allows anybody to crash the process by sending a specific query (QTYPE 65535) that causes an out-of-bounds exception.
Powerdns Authoritative Server
7.5
CVSSv3
CVE-2017-14178
In snapd 2.27 up to and including 2.29.2 the 'snap logs' command could be made to call journalctl without match arguments and therefore allow unprivileged, unauthenticated users to bypass systemd-journald's access restrictions.
Snapcraft Snapd
7.5
CVSSv3
CVE-2017-15908
In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected service.
Systemd Project Systemd 228
Systemd Project Systemd 229
Systemd Project Systemd 226
Systemd Project Systemd 227
Systemd Project Systemd 234
Systemd Project Systemd 235
Systemd Project Systemd 223
Systemd Project Systemd 224
Systemd Project Systemd 225
Systemd Project Systemd 232
Systemd Project Systemd 233
Systemd Project Systemd 230
Systemd Project Systemd 231
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
7.5
CVSSv3
CVE-2017-11565
debian/tor.init in the Debian tor_0.2.9.11-1~deb9u1 package for Tor was designed to execute aa-exec from the standard system pathname if the apparmor package is installed, but implements this incorrectly (with a wrong assumption that the specific pathname would remain the same fo...
Debian Tor 0.2.9.11-1
7.5
CVSSv3
CVE-2017-9445
In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buff...
Systemd Project Systemd
1 Article
7.5
CVSSv3
CVE-2017-9217
systemd-resolved through 233 allows remote malicious users to cause a denial of service (daemon crash) via a crafted DNS response with an empty question section.
Systemd Project Systemd
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »