Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
steve grubb vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1694
vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Gnu Emacs 21.3
Gnu Emacs 21.4
Gnu Sccs
Gnu Emacs 20.7
Gnu Emacs 21.1
Gnu Emacs 21.2
NA
CVE-2007-6109
Stack-based buffer overflow in emacs allows user-assisted malicious users to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a ce...
Gnu Emacs
NA
CVE-2006-5461
Avahi prior to 0.6.15 does not verify the sender identity of netlink messages to ensure that they come from the kernel instead of another process, which allows local users to spoof network changes to Avahi.
Avahi Avahi
NA
CVE-2012-2653
arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow malicious users to gain root privileges by leveraging other vulnerabilities in the daemon.
Lawrence Berkeley National Laboratory Arpwatch 2.1a15
NA
CVE-2004-0421
The Portable Network Graphics library (libpng) 1.0.15 and previous versions allows malicious users to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.
Openpkg Openpkg 2.0
Libpng Libpng 1.2.2
Libpng Libpng 1.0.8
Libpng Libpng 1.2.4
Libpng Libpng 1.0.14
Libpng Libpng 1.2.0
Openpkg Openpkg 1.3
Libpng Libpng 1.0.11
Libpng Libpng 1.0.9
Libpng Libpng 1.0.13
Libpng Libpng 1.0.6
Libpng Libpng 1.0.7
Libpng Libpng 1.2.3
Libpng Libpng 1.0.5
Libpng Libpng 1.2.1
Redhat Libpng 1.2.2-16
Libpng Libpng 1.0.12
Libpng Libpng 1.2.5
Libpng Libpng 1.0.0
Redhat Libpng 1.2.2-20
Libpng Libpng 1.0.10
Trustix Secure Linux 2.0
NA
CVE-2004-1001
Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions prior to 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled.
Debian Shadow 4.0.4.1
NA
CVE-2009-2957
Heap-based buffer overflow in the tftp_request function in tftp.c in dnsmasq prior to 2.50, when --enable-tftp is used, might allow remote malicious users to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read (aka RRQ) request.
Thekelleys Dnsmasq 2.48
Thekelleys Dnsmasq 2.47
Thekelleys Dnsmasq 2.35
Thekelleys Dnsmasq 2.22
Thekelleys Dnsmasq 2.34
Thekelleys Dnsmasq 2.33
Thekelleys Dnsmasq 2.31
Thekelleys Dnsmasq 2.23
Thekelleys Dnsmasq 2.21
Thekelleys Dnsmasq 2.14
Thekelleys Dnsmasq 2.13
Thekelleys Dnsmasq 2.5
Thekelleys Dnsmasq 2.4
Thekelleys Dnsmasq 1.16
Thekelleys Dnsmasq 1.15
Thekelleys Dnsmasq 1.8
Thekelleys Dnsmasq 1.7
Thekelleys Dnsmasq 0.992
Thekelleys Dnsmasq 0.98
Thekelleys Dnsmasq
Thekelleys Dnsmasq 2.44
Thekelleys Dnsmasq 2.43
1 EDB exploit
NA
CVE-2009-2958
The tftp_request function in tftp.c in dnsmasq prior to 2.50, when --enable-tftp is used, allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a TFTP read (aka RRQ) request with a malformed blksize option.
Thekelleys Dnsmasq 2.45
Thekelleys Dnsmasq 2.44
Thekelleys Dnsmasq 2.40
Thekelleys Dnsmasq 2.39
Thekelleys Dnsmasq 2.29
Thekelleys Dnsmasq 2.28
Thekelleys Dnsmasq 2.19
Thekelleys Dnsmasq 2.18
Thekelleys Dnsmasq 2.43
Thekelleys Dnsmasq 2.42
Thekelleys Dnsmasq 2.38
Thekelleys Dnsmasq 2.37
Thekelleys Dnsmasq 2.36
Thekelleys Dnsmasq 2.27
Thekelleys Dnsmasq 2.26
Thekelleys Dnsmasq 2.17
Thekelleys Dnsmasq 2.16
Thekelleys Dnsmasq 2.9
Thekelleys Dnsmasq 2.8
Thekelleys Dnsmasq 2.7
Thekelleys Dnsmasq 2.0
Thekelleys Dnsmasq 1.18
1 EDB exploit
5.5
CVSSv3
CVE-2012-0879
The I/O implementation for block devices in the Linux kernel prior to 2.6.33 does not properly handle the CLONE_IO feature, which allows local users to cause a denial of service (I/O instability) by starting multiple processes that share an I/O context.
Linux Linux Kernel
Canonical Ubuntu Linux 10.04
Debian Debian Linux 6.0
Suse Linux Enterprise Server 11
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise High Availability Extension 11
NA
CVE-2012-1601
The KVM implementation in the Linux kernel prior to 3.3.6 allows host OS users to cause a denial of service (NULL pointer dereference and host OS crash) by making a KVM_CREATE_IRQCHIP ioctl call after a virtual CPU already exists.
Linux Linux Kernel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »