Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
systemd project systemd vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2015-7510
Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd.
Systemd Project Systemd 223
9.8
CVSSv3
CVE-2017-1000082
systemd v233 and previous versions fails to safely parse usernames starting with a numeric digit (e.g. "0day"), running the service in question with root privileges rather than the user intended.
Systemd Project Systemd
2 Github repositories
7.5
CVSSv3
CVE-2017-9445
In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buff...
Systemd Project Systemd
1 Article
7.5
CVSSv3
CVE-2017-9217
systemd-resolved through 233 allows remote malicious users to cause a denial of service (daemon crash) via a crafted DNS response with an empty question section.
Systemd Project Systemd
7.8
CVSSv3
CVE-2016-10156
A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local malicious users to escalate their privileges to root. This is fixed in v229.
Systemd Project Systemd 228
1 EDB exploit
1 Article
NA
CVE-2014-8399
The default configuration in systemd-shim 8 enables the Abandon debugging clause, which allows local users to cause a denial of service via unspecified vectors.
Shim Project Shim 8
NA
CVE-2012-0871
The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and previous versions, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/.
Systemd Project Systemd 31
Systemd Project Systemd 30
Systemd Project Systemd 29
Systemd Project Systemd 28
Systemd Project Systemd 14
Systemd Project Systemd 13
Systemd Project Systemd 12
Systemd Project Systemd 11
Opensuse Opensuse 12.1
Systemd Project Systemd
Systemd Project Systemd 36
Systemd Project Systemd 23
Systemd Project Systemd 22
Systemd Project Systemd 21
Systemd Project Systemd 20
Systemd Project Systemd 19
Systemd Project Systemd 6
Systemd Project Systemd 5
Systemd Project Systemd 4
Systemd Project Systemd 3
Systemd Project Systemd 34
Systemd Project Systemd 32
1 Github repository
NA
CVE-2013-4391
Integer overflow in the valid_user_field function in journal/journald-native.c in systemd allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow.
Systemd Project Systemd
Debian Debian Linux 7.0
NA
CVE-2013-4392
systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.
Systemd Project Systemd
2 Github repositories
NA
CVE-2013-4393
journald in systemd, when the origin of native messages is set to file, allows local users to cause a denial of service (logging service blocking) via a crafted file descriptor.
Systemd Project Systemd
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »