Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
echo security vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-10639
The Linux kernel 4.x (starting from 4.1) and 5.x prior to 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connect...
Linux Linux Kernel
4.7
CVSSv3
CVE-2016-8405
An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requi...
Linux Linux Kernel 3.18
Linux Linux Kernel 3.10
5.5
CVSSv3
CVE-2017-5549
The klsi_105_get_line_state function in drivers/usb/serial/kl5kusb105.c in the Linux kernel prior to 4.9.5 places uninitialized heap-memory contents into a log entry upon a failure to read the line status, which allows local users to obtain sensitive information by reading the lo...
Linux Linux Kernel
4.4
CVSSv3
CVE-2017-5551
The simple_set_acl function in fs/posix_acl.c in the Linux kernel prior to 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on ex...
Linux Linux Kernel
7
CVSSv3
CVE-2017-12146
The driver_override implementation in drivers/base/platform.c in the Linux kernel prior to 4.12.1 allows local users to gain privileges by leveraging a race condition between a read operation and a store operation that involve different overrides.
Linux Linux Kernel
7.8
CVSSv3
CVE-2017-14497
The tpacket_rcv function in net/packet/af_packet.c in the Linux kernel prior to 4.13 mishandles vnet headers, which might allow local users to cause a denial of service (buffer overflow, and disk and memory corruption) or possibly have unspecified other impact via crafted system ...
Linux Linux Kernel
Debian Debian Linux 8.0
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2017-12134
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block ...
Xen Xen
Citrix Xenserver 7.0
Citrix Xenserver 6.5
Citrix Xenserver 7.1
Citrix Xenserver 6.2.0
Citrix Xenserver 7.2
Citrix Xenserver 6.0.2
6.6
CVSSv3
CVE-2017-16538
drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel up to and including 4.13.11 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a missing warm-start c...
Linux Linux Kernel
7.8
CVSSv3
CVE-2017-1000371
The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated (the maximum under the 1/4 restriction) then the stack will be grown down to 0x80000000, and as the PIE binary is mapped above ...
Linux Linux Kernel
2 EDB exploits
9.8
CVSSv3
CVE-2017-5897
The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote malicious users to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.
Linux Linux Kernel
Canonical Ubuntu Linux 14.04
Debian Debian Linux 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »