Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

steve grubb vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2008-1694
vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Gnu Emacs 21.3Gnu Emacs 21.4Gnu SccsGnu Emacs 20.7Gnu Emacs 21.1Gnu Emacs 21.2
NA
CVE-2007-6109
Stack-based buffer overflow in emacs allows user-assisted malicious users to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a ce...
Gnu Emacs
NA
CVE-2006-5461
Avahi prior to 0.6.15 does not verify the sender identity of netlink messages to ensure that they come from the kernel instead of another process, which allows local users to spoof network changes to Avahi.
Avahi Avahi
NA
CVE-2012-2653
arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow malicious users to gain root privileges by leveraging other vulnerabilities in the daemon.
Lawrence Berkeley National Laboratory Arpwatch 2.1a15
NA
CVE-2004-0421
The Portable Network Graphics library (libpng) 1.0.15 and previous versions allows malicious users to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.
Openpkg Openpkg 2.0Libpng Libpng 1.2.2Libpng Libpng 1.0.8Libpng Libpng 1.2.4Libpng Libpng 1.0.14Libpng Libpng 1.2.0Openpkg Openpkg 1.3Libpng Libpng 1.0.11Libpng Libpng 1.0.9Libpng Libpng 1.0.13Libpng Libpng 1.0.6Libpng Libpng 1.0.7Libpng Libpng 1.2.3Libpng Libpng 1.0.5Libpng Libpng 1.2.1Redhat Libpng 1.2.2-16Libpng Libpng 1.0.12Libpng Libpng 1.2.5Libpng Libpng 1.0.0Redhat Libpng 1.2.2-20Libpng Libpng 1.0.10Trustix Secure Linux 2.0
NA
CVE-2004-1001
Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions prior to 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled.
Debian Shadow 4.0.4.1
NA
CVE-2009-2957
Heap-based buffer overflow in the tftp_request function in tftp.c in dnsmasq prior to 2.50, when --enable-tftp is used, might allow remote malicious users to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read (aka RRQ) request.
Thekelleys Dnsmasq 2.48Thekelleys Dnsmasq 2.47Thekelleys Dnsmasq 2.35Thekelleys Dnsmasq 2.22Thekelleys Dnsmasq 2.34Thekelleys Dnsmasq 2.33Thekelleys Dnsmasq 2.31Thekelleys Dnsmasq 2.23Thekelleys Dnsmasq 2.21Thekelleys Dnsmasq 2.14Thekelleys Dnsmasq 2.13Thekelleys Dnsmasq 2.5Thekelleys Dnsmasq 2.4Thekelleys Dnsmasq 1.16Thekelleys Dnsmasq 1.15Thekelleys Dnsmasq 1.8Thekelleys Dnsmasq 1.7Thekelleys Dnsmasq 0.992Thekelleys Dnsmasq 0.98Thekelleys DnsmasqThekelleys Dnsmasq 2.44Thekelleys Dnsmasq 2.43
NA
CVE-2009-2958
The tftp_request function in tftp.c in dnsmasq prior to 2.50, when --enable-tftp is used, allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a TFTP read (aka RRQ) request with a malformed blksize option.
Thekelleys Dnsmasq 2.45Thekelleys Dnsmasq 2.44Thekelleys Dnsmasq 2.40Thekelleys Dnsmasq 2.39Thekelleys Dnsmasq 2.29Thekelleys Dnsmasq 2.28Thekelleys Dnsmasq 2.19Thekelleys Dnsmasq 2.18Thekelleys Dnsmasq 2.43Thekelleys Dnsmasq 2.42Thekelleys Dnsmasq 2.38Thekelleys Dnsmasq 2.37Thekelleys Dnsmasq 2.36Thekelleys Dnsmasq 2.27Thekelleys Dnsmasq 2.26Thekelleys Dnsmasq 2.17Thekelleys Dnsmasq 2.16Thekelleys Dnsmasq 2.9Thekelleys Dnsmasq 2.8Thekelleys Dnsmasq 2.7Thekelleys Dnsmasq 2.0Thekelleys Dnsmasq 1.18
5.5
CVSSv3
CVE-2012-0879
The I/O implementation for block devices in the Linux kernel prior to 2.6.33 does not properly handle the CLONE_IO feature, which allows local users to cause a denial of service (I/O instability) by starting multiple processes that share an I/O context.
Linux Linux KernelCanonical Ubuntu Linux 10.04Debian Debian Linux 6.0Suse Linux Enterprise Server 11Suse Linux Enterprise Desktop 11Suse Linux Enterprise High Availability Extension 11
NA
CVE-2012-1601
The KVM implementation in the Linux kernel prior to 3.3.6 allows host OS users to cause a denial of service (NULL pointer dereference and host OS crash) by making a KVM_CREATE_IRQCHIP ioctl call after a virtual CPU already exists.
Linux Linux Kernel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693CVE-2024-30851CVE-2024-34460CVE-2024-2887localCVE-2024-27956remote code executionCVE-2024-34475privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook