Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apparmor apparmor vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-11565
debian/tor.init in the Debian tor_0.2.9.11-1~deb9u1 package for Tor was designed to execute aa-exec from the standard system pathname if the apparmor package is installed, but implements this incorrectly (with a wrong assumption that the specific pathname would remain the same fo...
Debian Tor 0.2.9.11-1
2.1
CVSSv2
CVE-2017-8900
LightDM up to and including 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate malicious users to bypass intended AppArmor restrictions and visit the home directories of arbitrary users by establishing a guest session.
Lightdm Project Lightdm
4.3
CVSSv2
CVE-2017-6507
An issue exists in AppArmor prior to 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an malicious user to possibly have increased attack surfaces of processes that were intended to be confined by AppAr...
Apparmor Apparmor
Canonical Ubuntu Core 15.04
Canonical Ubuntu Touch 15.04
1.9
CVSSv2
CVE-2016-4952
QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds array access) via vectors related to the (1) PVSCSI_CMD_SETUP_RINGS or (2) PVSCSI_CMD_SETUP_MSG_RING S...
Qemu Qemu
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
1 Github repository
1.9
CVSSv2
CVE-2016-5105
The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interfac...
Qemu Qemu
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
1.9
CVSSv2
CVE-2016-5106
The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest administrators to cause a denial of service (out-of-bounds write access) via vectors involving a MegaRAID Firmware In...
Qemu Qemu
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
1.9
CVSSv2
CVE-2016-5107
The megasas_lookup_frame function in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds read and crash) via unspecified vectors.
Qemu Qemu
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
4.9
CVSSv2
CVE-2016-5403
The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Oracle Linux 5
Oracle Linux 6
Oracle Linux 7
Oracle Vm Server 3.4
Qemu Qemu
Qemu Qemu 2.7.0
Debian Debian Linux 8.0
Redhat Openstack 5.0
Redhat Openstack 6.0
Redhat Openstack 7.0
Redhat Openstack 8
Redhat Openstack 9
Redhat Virtualization 3.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Server Aus 7.3
2.1
CVSSv2
CVE-2016-5238
The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode.
Qemu Qemu
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
2.1
CVSSv2
CVE-2016-5337
The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information.
Qemu Qemu
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »