Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
selinux vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2020-10731
A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. This flaw causes sVirt, an important isolation mechanism, to be disabled for all running virtual machines.
Redhat Openstack Platform 15.0
Redhat Openstack Platform 16.0
Redhat Openstack Platform 16.1
1 Article
2.1
CVSSv2
CVE-2020-27056
In SELinux policies of mls, there is a missing permission check. This could lead to local information disclosure of package metadata with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-1...
Google Android 11.0
6.5
CVSSv2
CVE-2012-3462
A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.
Fedoraproject Sssd 1.9.0
7.5
CVSSv2
CVE-2022-23132
During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permissions check on the file system level
Zabbix Zabbix 6.0.0
Zabbix Zabbix
Fedoraproject Fedora 34
Fedoraproject Fedora 35
4.4
CVSSv2
CVE-2009-1184
The selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel prior to 2.6.27.22, and 2.6.28.x prior to 2.6.28.10, when compat_net is enabled, omits calls to avc_has_perm for the (1) node and (2) port, which allows loca...
Linux Linux Kernel 2.6.27.12
Linux Linux Kernel 2.6.20.6
Linux Linux Kernel 2.6.25.4
Linux Linux Kernel 2.6.25.11
Linux Linux Kernel 2.6.28
Linux Linux Kernel 2.6.20.9
Linux Linux Kernel 2.6.26
Linux Linux Kernel 2.6.18
Linux Linux Kernel 2.6.11
Linux Linux Kernel 2.6.25.9
Linux Linux Kernel 2.6.23.4
Linux Linux Kernel 2.6.22.15
Linux Linux Kernel 2.6.16.16
Linux Linux Kernel 2.6.18.7
Linux Linux Kernel 2.6.17.12
Linux Linux Kernel 2.6.16.39
Linux Linux Kernel 2.6.27.3
Linux Linux Kernel 2.6.21
Linux Linux Kernel 2.6.16.9
Linux Linux Kernel 2.6.17.9
Linux Linux Kernel 2.6.11.2
Linux Linux Kernel 2.6.27.1
4.6
CVSSv2
CVE-2018-9488
In the SELinux permissions of crash_dump.te, there is a permissions bypass due to a missing restriction. This could lead to a local escalation of privilege, with System privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Andr...
Google Android 8.1
Google Android 9.0
Google Android 8.0
1 EDB exploit
9.3
CVSSv2
CVE-2016-3762
The sockets subsystem in Android 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-07-01 allows malicious users to gain privileges via a crafted application that uses (1) the AF_MSM_IPC socket class or (2) another socket class that is unrecognized by SELinux, aka ...
Google Android 6.0
Google Android 5.1.0
Google Android 5.1
Google Android 5.0.1
Google Android 5.0
Google Android 6.0.1
NA
CVE-2022-20340
In SELinux policy, there is a possible way of inferring which websites are being opened in the browser due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitatio...
Google Android 13.0
7.2
CVSSv2
CVE-2021-43057
An issue exists in the Linux kernel prior to 5.14.8. A use-after-free in selinux_ptrace_traceme (aka the SELinux handler for PTRACE_TRACEME) could be used by local malicious users to cause memory corruption and escalate privileges, aka CID-a3727a8bac0a. This occurs because of an ...
Linux Linux Kernel
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
3.3
CVSSv2
CVE-2021-3631
A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability i...
Redhat Libvirt
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.8
Netapp Ontap Select Deploy Administration Utility -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »