Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
shadow vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6702
S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and previous versions allows remote malicious users to cause a denial of service (crash) via a long nickname, which triggers an exception.
Stalker-game S.t.a.l.k.e.r.\\ Shadow Of Chernobyl
1 EDB exploit
8.1
CVSSv3
CVE-2023-38354
MiniTool Shadow Maker version 4.1 contains an insecure installation process that allows malicious users to achieve remote code execution through a man in the middle attack.
Minitool Shadowmaker 4.1
NA
CVE-2012-3467
Apache QPID 0.14, 0.16, and previous versions uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote malicious users to bypass authentication.
Apache Qpid
Apache Qpid 0.6
Apache Qpid 0.14
Apache Qpid 0.5
NA
CVE-2010-3962
Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote malicious users to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issue or "Uni...
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
3 EDB exploits
1 Article
4.9
CVSSv3
CVE-2020-11491
Monitoring::Logs in Zen Load Balancer 3.10.1 allows remote authenticated admins to conduct absolute path traversal attacks, as demonstrated by a filelog=/etc/shadow request to index.cgi.
Zevenet Zen Load Balancer 3.10.1
NA
CVE-2013-4356
Xen 4.3.x writes hypervisor mappings to certain shadow pagetables when live migration is performed on hosts with more than 5TB of RAM, which allows local 64-bit PV guests to read or write to invalid memory and cause a denial of service (crash).
Xen Xen 4.3.0
NA
CVE-2007-0003
pam_unix.so in Linux-PAM 0.99.7.0 allows context-dependent malicious users to log into accounts whose password hash, as stored in /etc/passwd or /etc/shadow, has only two characters.
Andrew Morgan Linux Pam 0.99.7.0
6.5
CVSSv3
CVE-2021-43043
An issue exists in Kaseya Unitrends Backup Appliance prior to 10.5.5. The apache user could read arbitrary files such as /etc/shadow by abusing an insecure Sudo rule.
Kaseya Unitrends Backup
7.8
CVSSv3
CVE-2001-0195
sash prior to 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking.
Debian Debian Linux 2.2
4.7
CVSSv3
CVE-2016-5709
SolarWinds Virtualization Manager 6.3.1 and previous versions uses weak encryption to store passwords in /etc/shadow, which allows local users with superuser privileges to obtain user passwords via a brute force attack.
Solarwinds Virtualization Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »