Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nsfocus vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv3
CVE-2022-25258
An issue exists in drivers/usb/gadget/composite.c in the Linux kernel prior to 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruptio...
Linux Linux Kernel
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Active Iq Unified Manager -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
1 Github repository
7.8
CVSSv3
CVE-2022-22942
The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer.
Vmware Photon Os 4.0
Vmware Photon Os 3.0
7
CVSSv3
CVE-2021-3640
A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable fau...
Linux Linux Kernel
Debian Debian Linux 9.0
Fedoraproject Fedora 34
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 21.10
Netapp H300s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Netapp H500s Firmware -
7.8
CVSSv3
CVE-2021-39685
In various setup methods of the USB gadget subsystem, there is a possible out of bounds write due to an incorrect flag check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: ...
Google Android -
1 Github repository
7.4
CVSSv3
CVE-2021-20322
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomizat...
Linux Linux Kernel
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp E-series Santricity Os Controller
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Fas Baseboard Management Controller Firmware -
Netapp Aff Baseboard Management Controller Firmware -
Netapp Aff A700s Firmware -
Netapp H700s Firmware -
Netapp H700e Firmware -
Netapp H500s Firmware -
Netapp H410s Firmware -
Netapp H500e Firmware -
Netapp H300e Firmware -
Netapp H300s Firmware -
Netapp Hci Compute Node Firmware -
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
1 Article
4.7
CVSSv3
CVE-2021-20321
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.
Linux Linux Kernel 5.15
Linux Linux Kernel
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2021-4135
A memory leak vulnerability was found in the Linux kernel's eBPF for the Simulated networking device driver in the way user uses BPF for the device such that function nsim_map_alloc_elem being called. A local user could use this flaw to get unauthorized access to some data.
Linux Linux Kernel 5.16
Linux Linux Kernel
5.5
CVSSv3
CVE-2021-45095
pep_sock_accept in net/phonet/pep.c in the Linux kernel up to and including 5.15.8 has a refcount leak.
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7
CVSSv3
CVE-2021-4083
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or es...
Linux Linux Kernel 5.16
Linux Linux Kernel
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Solidfire -
Netapp Hci Management Node -
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
1 Github repository
5.5
CVSSv3
CVE-2020-36322
An issue exists in the FUSE filesystem implementation in the Linux kernel prior to 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its inc...
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Starwindsoftware Starwind Virtual San 8
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »