Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian shadow vulnerabilities and exploits
(subscribe to this query)
4.7
CVSSv2
CVE-2018-12127
Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:...
Intel Microarchitectural Load Port Data Sampling Firmware -
Fedoraproject Fedora 29
2 Github repositories
1 Article
4.7
CVSSv2
CVE-2018-12130
Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found h...
Intel Microarchitectural Fill Buffer Data Sampling Firmware -
Fedoraproject Fedora 29
3 Github repositories
1 Article
4.7
CVSSv2
CVE-2019-11091
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products c...
Intel Microarchitectural Data Sampling Uncacheable Memory Firmware -
Fedoraproject Fedora 29
3 Github repositories
1 Article
6.8
CVSSv2
CVE-2018-20346
SQLite prior to 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote malicious users to execute arbitrary code by leveraging the ability ...
Sqlite Sqlite
Google Chrome
Redhat Linux 6.0
Debian Debian Linux 8.0
Opensuse Leap 42.3
Opensuse Leap 15.0
1 Github repository
7.2
CVSSv2
CVE-2018-19966
An issue exists in Xen up to and including 4.11.x allowing x86 PV guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because of an interpretation conflict for a union data structure associated with shadow paging. NOTE: this issue exist...
Xen Xen
Debian Debian Linux 9.0
2.1
CVSSv2
CVE-2017-17087
fileio.c in Vim before 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local users to obtain sensitive information by leveraging an applicable group membership...
Vim Vim
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
7.5
CVSSv2
CVE-2017-12424
In shadow prior to 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege bound...
Shadow Project Shadow
Debian Debian Linux 9.0
1.7
CVSSv2
CVE-2016-3159
The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exceptio...
Oracle Vm Server 3.3
Oracle Vm Server 3.4
Xen Xen
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2015-1256
Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome prior to 43.0.2357.65, allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted document that leverages improper handling of a shado...
Debian Debian Linux 8.0
Google Chrome
6.4
CVSSv2
CVE-2011-0721
Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local users to add new users or groups to /etc/passwd via the GECOS field.
Debian Shadow 1\\
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »