Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
leap vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-6594
The transit path validation code in Heimdal prior to 7.3 might allow malicious users to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets.
Heimdal Project Heimdal
Opensuse Leap 42.2
Opensuse Leap 42.3
3.5
CVSSv2
CVE-2017-5930
The AliasHandler component in PostfixAdmin prior to 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission check.
Opensuse Leap 42.1
Opensuse Leap 42.2
Postfixadmin Project Postfixadmin
4.4
CVSSv2
CVE-2020-0305
In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-15346...
Google Android 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
4.7
CVSSv2
CVE-2020-14416
In the Linux kernel prior to 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c.
Linux Linux Kernel
Opensuse Leap 15.1
Opensuse Leap 15.2
2.1
CVSSv2
CVE-2019-15919
An issue exists in the Linux kernel prior to 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free.
Linux Linux Kernel
Opensuse Leap 15.0
Opensuse Leap 15.1
7.5
CVSSv2
CVE-2019-8341
An issue exists in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as a template object, renders it, and then returns it. The attacker can exploit it with {{INJECTION COMMANDS}} in a URI. NOTE...
Pocoo Jinja2 2.10
Opensuse Leap 42.3
Opensuse Leap 15.0
1 EDB exploit
1 Github repository
4.3
CVSSv2
CVE-2015-8010
Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga prior to 1.14 allows remote malicious users to inject arbitrary web script or HTML via the query string to cgi-bin/status.cgi.
Icinga Icinga
Opensuse Leap 42.2
Opensuse Project Leap 42.1
1.9
CVSSv2
CVE-2019-2850
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are before 5.2.32 and before 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Orac...
Oracle Vm Virtualbox
Opensuse Leap 15.0
Opensuse Leap 15.1
4.6
CVSSv2
CVE-2019-2859
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are before 5.2.32 and before 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Orac...
Oracle Vm Virtualbox
Opensuse Leap 15.0
Opensuse Leap 15.1
4.4
CVSSv2
CVE-2019-2864
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are before 5.2.32 and before 6.0.10. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where O...
Oracle Vm Virtualbox
Opensuse Leap 15.0
Opensuse Leap 15.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »