Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file file 4.8 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-0291
The sigalgs implementation in t1_lib.c in OpenSSL 1.0.2 prior to 1.0.2a allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) by using an invalid signature_algorithms extension in the ClientHello message during a renegotiation.
Openssl Openssl 1.0.2
3 Github repositories
2 Articles
9.8
CVSSv3
CVE-2017-5897
The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote malicious users to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.
Linux Linux Kernel
Canonical Ubuntu Linux 14.04
Debian Debian Linux 8.0
4.4
CVSSv3
CVE-2017-5551
The simple_set_acl function in fs/posix_acl.c in the Linux kernel prior to 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on ex...
Linux Linux Kernel
7.8
CVSSv3
CVE-2016-9083
drivers/vfio/pci/vfio_pci.c in the Linux kernel up to and including 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SE...
Linux Linux Kernel
7.8
CVSSv3
CVE-2016-9084
drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel up to and including 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file.
Linux Linux Kernel
7.5
CVSSv3
CVE-2017-7618
crypto/ahash.c in the Linux kernel up to and including 4.10.9 allows malicious users to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue.
Linux Linux Kernel
5.5
CVSSv3
CVE-2017-2671
The ping_unhash function in net/ipv4/ping.c in the Linux kernel up to and including 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging a...
Linux Linux Kernel
1 EDB exploit
1 Github repository
7.8
CVSSv3
CVE-2017-7187
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel up to and including 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to ...
Linux Linux Kernel
5.5
CVSSv3
CVE-2017-5549
The klsi_105_get_line_state function in drivers/usb/serial/kl5kusb105.c in the Linux kernel prior to 4.9.5 places uninitialized heap-memory contents into a log entry upon a failure to read the line status, which allows local users to obtain sensitive information by reading the lo...
Linux Linux Kernel
4.7
CVSSv3
CVE-2016-8405
An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requi...
Linux Linux Kernel 3.10
Linux Linux Kernel 3.18
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »