Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

denis andzakovic vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2015-6908
The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and previous versions allows remote malicious users to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd.
Openldap OpenldapApple Mac Os X
9.8
CVSSv3
CVE-2019-11365
An issue exists in atftpd in atftp 0.7.1. A remote attacker may send a crafted packet triggering a stack-based buffer overflow due to an insecurely implemented strncpy call. The vulnerability is triggered by sending an error packet of 3 bytes or fewer. There are multiple instance...
Atftp Project Atftp 0.7.1
5.9
CVSSv3
CVE-2019-11366
An issue exists in atftpd in atftp 0.7.1. It does not lock the thread_list_mutex mutex before assigning the current thread data structure. As a result, the daemon is vulnerable to a denial of service attack due to a NULL pointer dereference. If thread_data is NULL when assigned t...
Atftp Project Atftp 0.7.1
NA
CVE-2014-9713
The default slapd configuration in the Debian openldap package 2.4.23-3 up to and including 2.4.39-1.1 allows remote authenticated users to modify the user's permissions and other user attributes via unspecified vectors.
Openldap Openldap 2.4.23Openldap Openldap 2.4.30Openldap Openldap 2.4.24Openldap Openldap 2.4.25Openldap Openldap 2.4.32Openldap Openldap 2.4.33Openldap Openldap 2.4.26Openldap Openldap 2.4.27Openldap Openldap 2.4.34Openldap Openldap 2.4.35Openldap Openldap 2.4.31Openldap Openldap 2.4.39Openldap Openldap 2.4.28Openldap Openldap 2.4.29Openldap Openldap 2.4.36Openldap Openldap 2.4.37Openldap Openldap 2.4.38Debian Debian Linux 7.0
6.5
CVSSv3
CVE-2015-8553
Xen allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory by not enabling memory and I/O decoding control bits. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0777.
Xen Xen -Redhat Enterprise Linux 5
7.8
CVSSv3
CVE-2017-18509
An issue exists in net/ipv6/ip6mr.c in the Linux kernel prior to 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstanc...
Linux Linux KernelDebian Debian Linux 8.0Canonical Ubuntu Linux 16.04Debian Debian Linux 9.0Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2018-5995
The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel up to and including 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call.
Linux Linux Kernel
7.8
CVSSv3
CVE-2018-20856
An issue exists in the Linux kernel prior to 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.
Linux Linux Kernel
7.7
CVSSv3
CVE-2019-3900
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could ...
Linux Linux KernelFedoraproject Fedora 29Fedoraproject Fedora 30Redhat Enterprise Linux 7.0Redhat Enterprise Linux 6.0Debian Debian Linux 8.0Debian Debian Linux 9.0Debian Debian Linux 10.0Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 19.04Netapp Vasa Provider For Clustered Data OntapNetapp Solidfire -Netapp Hci Management Node -Netapp Snapprotect -Netapp Active Iq Unified Manager For Vmware VsphereNetapp Virtual Storage Console For Vmware VsphereNetapp Storage Replication Adapter For Clustered Data Ontap For Vmware VsphereNetapp Cn1610 Firmware -Oracle Sd-wan Edge 8.2Fedoraproject Fedora 28
7.5
CVSSv3
CVE-2019-10639
The Linux kernel 4.x (starting from 4.1) and 5.x prior to 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connect...
Linux Linux Kernel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook