Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
systemd vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2019-3815
A memory leak exists in the backport of fixes for CVE-2018-16864 in Red Hat Enterprise Linux. Function dispatch_message_real() in journald-server.c does not free the memory allocated by set_iovec_field_free() to store the `_CMDLINE=` entry. A local attacker may use this flaw to m...
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Openshift Container Platform 3.11
Debian Debian Linux 8.0
2.1
CVSSv2
CVE-2018-16866
An out of bounds read exists in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.
Systemd Project Systemd
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Netapp Active Iq Performance Analytics Services -
Netapp Element Software
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux 7.6
Redhat Enterprise Linux Server Update Services For Sap Solutions 7.6
Redhat Enterprise Linux Server Update Services For Sap Solutions 7.4
Redhat Enterprise Linux Compute Node Eus 7.6
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 7.4
1 Github repository
2 Articles
2.1
CVSSv2
CVE-2017-8900
LightDM up to and including 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate malicious users to bypass intended AppArmor restrictions and visit the home directories of arbitrary users by establishing a guest session.
Lightdm Project Lightdm
2.1
CVSSv2
CVE-2015-8842
tmpfiles.d/systemd.conf in systemd prior to 229 uses weak permissions for /var/log/journal/%m/system.journal, which allows local users to obtain sensitive information by reading the file.
Opensuse Opensuse 13.2
2.1
CVSSv2
CVE-2014-9770
tmpfiles.d/systemd.conf in systemd prior to 214 uses weak permissions for journal files under (1) /run/log/journal/%m and (2) /var/log/journal/%m, which allows local users to obtain sensitive information by reading these files.
Opensuse Opensuse 13.2
2.1
CVSSv2
CVE-2015-5969
The mysql-systemd-helper script in the mysql-community-server package prior to 5.6.28-2.17.1 in openSUSE 13.2 and prior to 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package prior to 10.0.22-2.21.2 in openSUSE 13.2 and prior to 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12...
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Workstation Extension 12
Suse Linux Enterprise Desktop 12
Opensuse Leap 42.1
Opensuse Opensuse 13.2
2.1
CVSSv2
CVE-2014-8399
The default configuration in systemd-shim 8 enables the Abandon debugging clause, which allows local users to cause a denial of service via unspecified vectors.
Shim Project Shim 8
2.1
CVSSv2
CVE-2013-4393
journald in systemd, when the origin of native messages is set to file, allows local users to cause a denial of service (logging service blocking) via a crafted file descriptor.
Systemd Project Systemd
1.9
CVSSv2
CVE-2018-16888
It exists systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the PIDFile of the mentioned service may ...
Systemd Project Systemd
Redhat Enterprise Linux 7.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Netapp Element Software -
Netapp Active Iq Performance Analytics Services -
1 Github repository
1.9
CVSSv2
CVE-2015-0245
D-Bus 1.4.x up to and including 1.6.x prior to 1.6.30, 1.8.x prior to 1.8.16, and 1.9.x prior to 1.9.10 does not validate the source of ActivationFailure signals, which allows local users to cause a denial of service (activation failure error returned) by leveraging a race condit...
Freedesktop Dbus 1.6.4
Freedesktop Dbus 1.4.18
Freedesktop Dbus 1.6.0
Freedesktop Dbus 1.5.6
Freedesktop Dbus 1.6.24
Freedesktop Dbus 1.8.0
Freedesktop Dbus 1.5.8
Freedesktop Dbus 1.5.4
Freedesktop Dbus 1.5.10
Freedesktop Dbus 1.9.0
Freedesktop Dbus 1.4.24
Freedesktop Dbus 1.4.12
Freedesktop Dbus 1.6.20
Freedesktop Dbus 1.6.10
Freedesktop Dbus 1.5.0
Freedesktop Dbus 1.6.12
Freedesktop Dbus 1.6.16
Freedesktop Dbus 1.4.6
Freedesktop Dbus 1.6.8
Freedesktop Dbus 1.4.16
Freedesktop Dbus 1.5.2
Freedesktop Dbus 1.6.26
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »