Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
systemd project vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2015-7510
Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd.
Systemd Project Systemd 223
10
CVSSv2
CVE-2017-1000082
systemd v233 and previous versions fails to safely parse usernames starting with a numeric digit (e.g. "0day"), running the service in question with root privileges rather than the user intended.
Systemd Project Systemd
2 Github repositories
5
CVSSv2
CVE-2017-9445
In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buff...
Systemd Project Systemd
1 Article
5
CVSSv2
CVE-2017-9217
systemd-resolved through 233 allows remote malicious users to cause a denial of service (daemon crash) via a crafted DNS response with an empty question section.
Systemd Project Systemd
7.2
CVSSv2
CVE-2016-10156
A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local malicious users to escalate their privileges to root. This is fixed in v229.
Systemd Project Systemd 228
1 EDB exploit
1 Article
2.1
CVSSv2
CVE-2014-8399
The default configuration in systemd-shim 8 enables the Abandon debugging clause, which allows local users to cause a denial of service via unspecified vectors.
Shim Project Shim 8
6.3
CVSSv2
CVE-2012-0871
The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and previous versions, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/.
Systemd Project Systemd 31
Systemd Project Systemd 30
Systemd Project Systemd 29
Systemd Project Systemd 28
Systemd Project Systemd 14
Systemd Project Systemd 13
Systemd Project Systemd 12
Systemd Project Systemd 11
Opensuse Opensuse 12.1
Systemd Project Systemd
Systemd Project Systemd 36
Systemd Project Systemd 23
Systemd Project Systemd 22
Systemd Project Systemd 21
Systemd Project Systemd 20
Systemd Project Systemd 19
Systemd Project Systemd 6
Systemd Project Systemd 5
Systemd Project Systemd 4
Systemd Project Systemd 3
Systemd Project Systemd 34
Systemd Project Systemd 32
1 Github repository
7.5
CVSSv2
CVE-2013-4391
Integer overflow in the valid_user_field function in journal/journald-native.c in systemd allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow.
Systemd Project Systemd
Debian Debian Linux 7.0
3.3
CVSSv2
CVE-2013-4392
systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.
Systemd Project Systemd
2 Github repositories
5.9
CVSSv2
CVE-2013-4394
The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileg...
Systemd Project Systemd
Debian Debian Linux 7.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »