Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
systemd vulnerabilities and exploits
(subscribe to this query)
7
CVSSv3
CVE-2019-3842
In systemd before v242-rc4, it exists that pam_systemd does not properly sanitize the environment before using the XDG_SEAT variable. It is possible for an attacker, in some particular configurations, to set a XDG_SEAT environment variable which allows for commands to be checked ...
Systemd Project Systemd 242
Systemd Project Systemd
Redhat Enterprise Linux 7.0
Fedoraproject Fedora 30
Debian Debian Linux 8.0
1 EDB exploit
7
CVSSv3
CVE-2018-15687
A race condition in chown_one() of systemd allows an malicious user to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Systemd Project Systemd
1 EDB exploit
6.7
CVSSv3
CVE-2020-13776
systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-...
Systemd Project Systemd
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Fedoraproject Fedora 32
6.2
CVSSv3
CVE-2015-5969
The mysql-systemd-helper script in the mysql-community-server package prior to 5.6.28-2.17.1 in openSUSE 13.2 and prior to 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package prior to 10.0.22-2.21.2 in openSUSE 13.2 and prior to 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12...
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Workstation Extension 12
Suse Linux Enterprise Desktop 12
Opensuse Leap 42.1
Opensuse Opensuse 13.2
6.1
CVSSv3
CVE-2020-13529
An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigu...
Systemd Project Systemd 245
Fedoraproject Fedora 33
Netapp Cloud Backup -
Netapp Active Iq Unified Manager -
5.9
CVSSv3
CVE-2023-7008
A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.
Systemd Project Systemd 25
5.9
CVSSv3
CVE-2018-1196
Spring Boot supports an embedded launch script that can be used to easily run the application as a systemd or init.d linux service. The script included with Spring Boot 1.5.9 and previous versions and 2.0.0.M1 up to and including 2.0.0.M7 is susceptible to a symlink attack which ...
Vmware Spring Boot 2.0.0
Vmware Spring Boot
1 Github repository
5.9
CVSSv3
CVE-2017-6507
An issue exists in AppArmor prior to 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an malicious user to possibly have increased attack surfaces of processes that were intended to be confined by AppAr...
Apparmor Apparmor
Canonical Ubuntu Core 15.04
Canonical Ubuntu Touch 15.04
5.6
CVSSv3
CVE-2019-11091
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products c...
Intel Microarchitectural Data Sampling Uncacheable Memory Firmware -
Fedoraproject Fedora 29
3 Github repositories
1 Article
5.6
CVSSv3
CVE-2018-12126
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found...
Intel Microarchitectural Store Buffer Data Sampling Firmware -
Fedoraproject Fedora 29
3 Github repositories
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »