Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
andy lutomirski vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2013-1796
The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux kernel up to and including 3.8.4 does not ensure a required time_page alignment during an MSR_KVM_SYSTEM_TIME operation, which allows guest OS users to cause a denial of service (buffer overflow and host OS memory...
Linux Linux Kernel 3.8.2
Linux Linux Kernel 3.8.0
Linux Linux Kernel
Linux Linux Kernel 3.8.1
Linux Linux Kernel 3.8.3
6.2
CVSSv2
CVE-2014-5207
fs/namespace.c in the Linux kernel up to and including 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing o...
Linux Linux Kernel
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
1 EDB exploit
6.1
CVSSv2
CVE-2018-14734
drivers/infiniband/core/ucma.c in the Linux kernel up to and including 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows malicious users to cause a denial of service (use-after-free).
Linux Linux Kernel
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2016-5244
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel up to and including 4.6.3 does not initialize a certain structure member, which allows remote malicious users to obtain sensitive information from kernel stack memory by reading an RDS message.
Fedoraproject Fedora 23
Suse Linux Enterprise Real Time Extension 11
Fedoraproject Fedora 24
Suse Linux Enterprise Debuginfo 11
Suse Linux Enterprise Real Time Extension 12
Suse Linux Enterprise Server 11
Redhat Enterprise Linux 6.0
Suse Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Workstation Extension 12
Redhat Enterprise Linux 5
Suse Linux Enterprise Desktop 12
Suse Opensuse Leap 42.1
Suse Suse Linux Enterprise Software Development Kit 12
Fedoraproject Fedora 22
Linux Linux Kernel
Suse Suse Linux Enterprise Server 12
5
CVSSv2
CVE-2016-4485
The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel prior to 4.5.5 does not initialize a certain data structure, which allows malicious users to obtain sensitive information from kernel stack memory by reading a message.
Novell Suse Linux Enterprise Server 11
Novell Suse Linux Enterprise Debuginfo 11
Novell Suse Linux Enterprise Software Development Kit 11.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Linux Linux Kernel
5
CVSSv2
CVE-2016-4580
The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel prior to 4.5.5 does not properly initialize a certain data structure, which allows malicious users to obtain sensitive information from kernel stack memory via an X.25 Call Request.
Linux Linux Kernel
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
5
CVSSv2
CVE-2015-1593
The stack randomization feature in the Linux kernel prior to 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for malicious users to bypass the ASLR protection mechanism by predicting the address of the t...
Linux Linux Kernel
1 Github repository
5
CVSSv2
CVE-2012-0698
tcsd in TrouSerS prior to 0.3.10 allows remote malicious users to cause a denial of service (daemon crash) via a crafted type_offset value in a TCP packet to port 30003.
Trustedcomputinggroup Trousers 0.2.8
Trustedcomputinggroup Trousers 0.2.9
Trustedcomputinggroup Trousers 0.2.9.1
Trustedcomputinggroup Trousers 0.2.9.2
Trustedcomputinggroup Trousers 0.3.0
Trustedcomputinggroup Trousers 0.3.1
Trustedcomputinggroup Trousers 0.3.2
Trustedcomputinggroup Trousers 0.3.3
Trustedcomputinggroup Trousers 0.3.4
Trustedcomputinggroup Trousers 0.3.5
Trustedcomputinggroup Trousers 0.3.6
Trustedcomputinggroup Trousers 0.3.7
Trustedcomputinggroup Trousers 0.3.8
Trustedcomputinggroup Trousers
1 EDB exploit
4.9
CVSSv2
CVE-2019-9213
In the Linux kernel prior to 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for malicious users to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.
Linux Linux Kernel
Debian Debian Linux 8.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Opensuse Leap 42.3
Opensuse Leap 15.0
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
1 EDB exploit
3 Github repositories
4.9
CVSSv2
CVE-2018-6554
Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel prior to 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.
Linux Linux Kernel
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 9.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »