Vulmon
local users vulnerabilities and exploits
215
VMScore
CVE-2006-1549
PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation fault) by defining and executing a recursive function. NOTE: it has been reported by a reliable third party that some later versions are also affected.
Php Php 5.1.2
Php Php 4.4.2
1 EDB exploit
655
VMScore
CVE-2018-5511
On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated administrative users execute commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.
F5 Big-ip Local Traffic Manager 13.1.0
F5 Big-ip Local Traffic Manager 13.0.0
F5 Big-ip Application Acceleration Manager 13.1.0
F5 Big-ip Application Acceleration Manager 13.0.0
F5 Big-ip Advanced Firewall Manager 13.0.0
F5 Big-ip Advanced Firewall Manager 13.1.0
F5 Big-ip Analytics 13.1.0
F5 Big-ip Analytics 13.0.0
F5 Big-ip Access Policy Manager 13.1.0
F5 Big-ip Access Policy Manager 13.0.0
F5 Big-ip Application Security Manager 13.0.0
F5 Big-ip Application Security Manager 13.1.0
F5 Big-ip Edge Gateway 13.1.0
F5 Big-ip Edge Gateway 13.0.0
F5 Big-ip Global Traffic Manager 13.1.0
F5 Big-ip Global Traffic Manager 13.0.0
F5 Big-ip Link Controller 13.1.0
F5 Big-ip Link Controller 13.0.0
F5 Big-ip Policy Enforcement Manager 13.1.0
F5 Big-ip Policy Enforcement Manager 13.0.0
F5 Big-ip Webaccelerator 13.1.0
F5 Big-ip Webaccelerator 13.0.0
1 EDB exploit
409
VMScore
CVE-2004-0643
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and previous versions may allow local users to execute arbitrary code.
Mit Kerberos 5
Debian Debian Linux 3.0
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Server 3.0
Redhat Enterprise Linux Workstation 3.0
409
VMScore
CVE-2020-5858
On BIG-IP 15.0.0-15.0.1.2, 14.1.0-14.1.2.2, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1 and BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, users with non-administrator roles (for example, Guest or Resource Administrator) with tmsh shell access can execute arbitrary commands ...
F5 Big-iq Centralized Management
F5 Big-iq Centralized Management 7.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
571
VMScore
CVE-2011-3188
The (1) IPv4 and (2) IPv6 implementations in the Linux kernel prior to 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote malicious users to cause a denial of service (disrupted networking) or hijack ...
Linux Linux Kernel
Redhat Enterprise Linux 4.0
F5 Enterprise Manager 3.0.0
F5 Firepass 7.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Access Policy Manager
F5 Big-ip Edge Gateway
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Webaccelerator
F5 Big-ip Wan Optimization Manager
F5 Big-ip Protocol Security Module
F5 Big-ip Application Security Manager
F5 Firepass
F5 Arx
F5 Enterprise Manager
F5 Big-ip Analytics
445
VMScore
CVE-2018-15328
On BIG-IP 14.0.x, 13.x, 12.x, and 11.x, Enterprise Manager 3.1.1, BIG-IQ 6.x, 5.x, and 4.x, and iWorkflow 2.x, the passphrases for SNMPv3 users and trap destinations that are used for authentication and privacy are not handled by the BIG-IP system Secure Vault feature; they are w...
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics 14.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway 14.0.0
F5 Big-ip Fraud Protection Service
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager 14.0.0
F5 Big-ip Webaccelerator
F5 Big-ip Advanced Firewall Manager 14.0.0
F5 Big-ip Analytics
F5 Big-ip Domain Name System 14.0.0
F5 Big-ip Edge Gateway
F5 Big-ip Link Controller 14.0.0
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 14.0.0
F5 Big-ip Access Policy Manager 14.0.0
F5 Big-ip Fraud Protection Service 14.0.0
F5 Big-ip Global Traffic Manager
641
VMScore
CVE-2021-23012
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.3, 14.1.x prior to 14.1.4, and 13.1.x prior to 13.1.4, lack of input validation for items used in the system support functionality may allow users granted either "Resource Administrator" or "Administ...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Link Controller
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Ssl Orchestrator
356
VMScore
CVE-2021-26920
In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server proce...
Apache Druid
1 Github repository
405
VMScore
CVE-2015-4040
Directory traversal vulnerability in the configuration utility in F5 BIG-IP prior to 12.0.0 and Enterprise Manager 3.0.0 up to and including 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors.
F5 Enterprise Manager 3.1.1
F5 Enterprise Manager 3.0.0
F5 Enterprise Manager 3.1.0
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Webaccelerator
F5 Big-ip Wan Optimization Manager
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Edge Gateway
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Protocol Security Module
1 EDB exploit
169
VMScore
CVE-2010-0826
The Free Software Foundation (FSF) Berkeley DB NSS module (aka libnss-db) 2.2.3pre1 reads the DB_CONFIG file in the current working directory, which allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application that uses this mod...
Piotr Roszatycki Libnss-db 2.2.3