Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen vulnerabilities and exploits
(subscribe to this query)
4.1
CVSSv3
CVE-2023-3863
A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special privileges to impact a kernel information leak issue.
Linux Linux Kernel
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
5.5
CVSSv3
CVE-2023-2430
A vulnerability was found due to missing lock for IOPOLL flaw in io_cqring_event_overflow() in io_uring.c in Linux Kernel. This flaw allows a local attacker with user privilege to trigger a Denial of Service threat.
Linux Linux Kernel
Linux Linux Kernel 6.2
7.8
CVSSv3
CVE-2023-3776
A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in t...
Linux Linux Kernel 6.5
Linux Linux Kernel
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
2 Github repositories
7.8
CVSSv3
CVE-2023-3609
A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in...
Linux Linux Kernel 6.4
Linux Linux Kernel
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.8
CVSSv3
CVE-2023-3611
An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet size...
Linux Linux Kernel 6.5
Linux Linux Kernel
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
7.8
CVSSv3
CVE-2023-21255
In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Google Android -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.7
CVSSv3
CVE-2023-21400
In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.
Google Android -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.5
CVSSv3
CVE-2023-3338
A null pointer dereference flaw was found in the Linux kernel's DECnet networking protocol. This issue could allow a remote user to crash the system.
Linux Linux Kernel
Netapp Active Iq Unified Manager -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.7
CVSSv3
CVE-2023-1206
A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server th...
Linux Linux Kernel
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 38
7.8
CVSSv3
CVE-2023-3389
A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd...
Linux Linux Kernel
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 22.04
Debian Debian Linux 10.0
Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »