Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qualys security advisory vulnerabilities and exploits
(subscribe to this query)
7
CVSSv3
CVE-2017-1000376
libffi requests an executable stack allowing malicious users to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears ...
Redhat Enterprise Virtualization Server -
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Openshift 2.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Libffi Project Libffi
Oracle Peopletools 8.57
Oracle Peopletools 8.56
9.8
CVSSv3
CVE-2020-7247
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote malicious users to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncomm...
Openbsd Opensmtpd 6.6
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
9 Github repositories
1 Article
5.5
CVSSv3
CVE-2020-36311
An issue exists in the Linux kernel prior to 5.9. arch/x86/kvm/svm/sev.c allows malicious users to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be74942f184.
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.8
CVSSv3
CVE-2021-33909
fs/seq_file.c in the Linux kernel 3.16 up to and including 5.13.x prior to 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.
Linux Linux Kernel
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Solidfire -
Netapp Hci Management Node -
Oracle Communications Session Border Controller 8.3
Oracle Communications Session Border Controller 8.4
Oracle Communications Session Border Controller 9.0
Oracle Communications Session Border Controller 8.2
Sonicwall Sma1000 Firmware
9 Github repositories
7.8
CVSSv3
CVE-2020-28007
Exim 4 prior to 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the log directory (owned by a non-root user), a symlink or hard link attack allows overwriting critical root-owned files anywhere on the filesystem.
Exim Exim
7.5
CVSSv3
CVE-2020-28019
Exim 4 prior to 4.94.2 has Improper Initialization that can lead to recursion-based stack consumption or other consequences. This occurs because use of certain getc functions is mishandled when a client uses BDAT instead of DATA.
Exim Exim
9.8
CVSSv3
CVE-2020-28022
Exim 4 prior to 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands.
Exim Exim
7.5
CVSSv3
CVE-2020-28023
Exim 4 prior to 4.94.2 allows Out-of-bounds Read. smtp_setup_msg may disclose sensitive information from process memory to an unauthenticated SMTP client.
Exim Exim
9.8
CVSSv3
CVE-2020-28024
Exim 4 prior to 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtp_ungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF.
Exim Exim
7.8
CVSSv3
CVE-2020-28009
Exim 4 prior to 4.94.2 allows Integer Overflow to Buffer Overflow because get_stdinput allows unbounded reads that are accompanied by unbounded increases in a certain size variable. NOTE: exploitation may be impractical because of the execution time needed to overflow (multiple d...
Exim Exim
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »