Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linux vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-37920
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subje...
Kennethreitz Certifi
3 Github repositories
9.8
CVSSv3
CVE-2023-35941
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, a malicious client is able to construct credentials with permanent validity in some specific scenarios. This is caused by the som...
Envoyproxy Envoy
9.8
CVSSv3
CVE-2023-38408
The PKCS#11 feature in ssh-agent in OpenSSH prior to 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this ...
Openbsd Openssh
Openbsd Openssh 9.3
Fedoraproject Fedora 37
Fedoraproject Fedora 38
10 Github repositories
9.8
CVSSv3
CVE-2023-36670
A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device.
Kratosdefense Ngc Indoor Unit Firmware 9.1.0.4
9.8
CVSSv3
CVE-2022-4146
Expression Language Injection vulnerability in Hitachi Replication Manager on Windows, Linux, Solaris allows Code Injection.This issue affects Hitachi Replication Manager: prior to 8.8.5-02.
Hitachi Replication Manager
9.8
CVSSv3
CVE-2023-38427
An issue exists in the Linux kernel prior to 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemble_neg_contexts.
Linux Linux Kernel
Netapp H300s -
Netapp H500s -
Netapp H700s -
Netapp H410s -
9.8
CVSSv3
CVE-2023-38429
An issue exists in the Linux kernel prior to 6.3.4. fs/ksmbd/connection.c in ksmbd has an off-by-one error in memory allocation (because of ksmbd_smb2_check_message) that may lead to out-of-bounds access.
Linux Linux Kernel
9.8
CVSSv3
CVE-2023-26512
CWE-502 Deserialization of Untrusted Data at the rabbitmq-connector plugin module in Apache EventMesh (incubating) V1.7.0\V1.8.0 on windows\linux\mac os e.g. platforms allows malicious users to send controlled message and remote code execute via rabbitmq messages. Users can use t...
Apache Eventmesh
9.8
CVSSv3
CVE-2023-26563
The Syncfusion EJ2 Node File Provider 0102271 is vulnerable to filesystem-server.js directory traversal. As a result, an unauthenticated attacker can: - On Windows, list files in any directory, read any file, delete any file, upload any file to any directory accessible by the web...
Syncfusion Nodejs File System Provider 0102271
1 Github repository
9.8
CVSSv3
CVE-2023-29824
A use-after-free issue exists in Py_FindObjects() function in SciPy versions before 1.8.0. NOTE: the vendor and discoverer indicate that this is not a security issue.
Scipy Scipy
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »