Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
systemd vulnerabilities and exploits
(subscribe to this query)
294
VMScore
CVE-2020-26261
jupyterhub-systemdspawner enables JupyterHub to spawn single-user notebook servers using systemd. In jupyterhub-systemdspawner before version 0.15 user API tokens issued to single-user servers are specified in the environment of systemd units. These tokens are incorrectly accessi...
Jupyterhub Systemdspawner
187
VMScore
CVE-2014-9770
tmpfiles.d/systemd.conf in systemd prior to 214 uses weak permissions for journal files under (1) /run/log/journal/%m and (2) /var/log/journal/%m, which allows local users to obtain sensitive information by reading these files.
Opensuse Opensuse 13.2
NA
CVE-2022-3560
A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script to set ACLs for /etc/pki/pesign and /run/pesign directories to grant access privileges to users in the 'pesign' group. However, the...
Pesign Project Pesign
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
445
VMScore
CVE-2017-14178
In snapd 2.27 up to and including 2.29.2 the 'snap logs' command could be made to call journalctl without match arguments and therefore allow unprivileged, unauthenticated users to bypass systemd-journald's access restrictions.
Snapcraft Snapd
891
VMScore
CVE-2022-22704
The zabbix-agent2 package prior to 5.4.9-r1 for Alpine Linux sometimes allows privilege escalation to root because the design incorrectly expected that systemd would (in effect) determine part of the configuration.
Zabbix Zabbix-agent2
Zabbix Zabbix-agent2 5.4.9
890
VMScore
CVE-2019-14514
An issue exists in Microvirt MEmu all versions before 7.0.2. A guest Android operating system inside the MEmu emulator contains a /system/bin/systemd binary that is run with root privileges on startup (this is unrelated to Red Hat's systemd init program, and is a closed-sour...
Microvirt Memu
1 Github repository
409
VMScore
CVE-2015-8222
The lxd-unix.socket systemd unit file in the Ubuntu lxd package prior to 0.20-0ubuntu4.1 uses world-readable permissions for /var/lib/lxd/unix.socket, which allows local users to gain privileges via unspecified vectors.
Canonical Ubuntu Linux 15.10
NA
CVE-2024-3154
A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod annotation. Any user who can create a pod with an arbitrary annotation may perform an arbitrary action on the host system.
1 Github repository
169
VMScore
CVE-2015-0245
D-Bus 1.4.x up to and including 1.6.x prior to 1.6.30, 1.8.x prior to 1.8.16, and 1.9.x prior to 1.9.10 does not validate the source of ActivationFailure signals, which allows local users to cause a denial of service (activation failure error returned) by leveraging a race condit...
Freedesktop Dbus 1.6.4
Freedesktop Dbus 1.4.18
Freedesktop Dbus 1.6.0
Freedesktop Dbus 1.5.6
Freedesktop Dbus 1.6.24
Freedesktop Dbus 1.8.0
Freedesktop Dbus 1.5.8
Freedesktop Dbus 1.5.4
Freedesktop Dbus 1.5.10
Freedesktop Dbus 1.9.0
Freedesktop Dbus 1.4.24
Freedesktop Dbus 1.4.12
Freedesktop Dbus 1.6.20
Freedesktop Dbus 1.6.10
Freedesktop Dbus 1.5.0
Freedesktop Dbus 1.6.12
Freedesktop Dbus 1.6.16
Freedesktop Dbus 1.4.6
Freedesktop Dbus 1.6.8
Freedesktop Dbus 1.4.16
Freedesktop Dbus 1.5.2
Freedesktop Dbus 1.6.26
668
VMScore
CVE-2021-40084
opensysusers up to and including 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers (a program with the same specification) does not do that.
Artixlinux Opensysusers
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »