Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
physical vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-20598
An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated malicious user to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code execution.
Amd Radeon Software
7.8
CVSSv3
CVE-2023-34319
The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet bei...
Xen Xen
Debian Debian Linux 10.0
7.8
CVSSv3
CVE-2023-4147
A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system.
Linux Linux Kernel 6.5
Linux Linux Kernel
Fedoraproject Fedora 38
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux For Real Time For Nfv 9.0
Redhat Enterprise Linux For Real Time 9.0
Redhat Enterprise Linux Server Aus 9.2
Redhat Enterprise Linux Eus 9.2
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
7.8
CVSSv3
CVE-2023-4004
A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the ...
Linux Linux Kernel
Fedoraproject Fedora 38
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Netapp H300s -
Netapp H500s -
Netapp H700s -
Netapp H410s -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
7.8
CVSSv3
CVE-2023-2598
A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation.
Linux Linux Kernel
Netapp Hci Baseboard Management Controller H300s
Netapp Hci Baseboard Management Controller H500s
Netapp Hci Baseboard Management Controller H700s
Netapp Hci Baseboard Management Controller H410s
Netapp Hci Baseboard Management Controller H410c
2 Github repositories
7.8
CVSSv3
CVE-2023-28410
Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel I915 Graphics
7.8
CVSSv3
CVE-2023-21642
Memory corruption in HAB Memory management due to broad system privileges via physical address.
Qualcomm Qam8295p Firmware -
Qualcomm Qca6574au Firmware -
Qualcomm Qca6696 Firmware -
Qualcomm Sa6145p Firmware -
Qualcomm Sa6150p Firmware -
Qualcomm Sa6155p Firmware -
Qualcomm Sa8145p Firmware -
Qualcomm Sa8150p Firmware -
Qualcomm Sa8155p Firmware -
Qualcomm Sa8195p Firmware -
Qualcomm Sa8295p Firmware -
Qualcomm Sa8540p Firmware -
Qualcomm Sa9000p Firmware -
7.8
CVSSv3
CVE-2022-36443
An issue exists in Zebra Enterprise Home Screen 4.1.19. The device allows the administrator to lock some communication channels (wireless and SD card) but it is still possible to use a physical connection (Ethernet cable) without restriction.
Zebra Enterprise Home Screen 4.1.19
7.8
CVSSv3
CVE-2022-2639
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an ...
Linux Linux Kernel
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
2 Github repositories
7.8
CVSSv3
CVE-2022-1158
A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the...
Linux Linux Kernel
Fedoraproject Fedora 36
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »