Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
acl vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-2554
The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 has incorrect ACLs on its registry keys, which allows local users to gain privileges via vectors involving a named pipe and impersonation, aka "Traci...
Microsoft Windows Server 2008
Microsoft Windows Server 2008 -
Microsoft Windows 7 -
Microsoft Windows Vista -
Microsoft Windows Vista
1 EDB exploit
4.3
CVSSv3
CVE-2017-12213
A vulnerability in the dynamic access control list (ACL) feature of Cisco IOS XE Software running on Cisco Catalyst 4000 Series Switches could allow an unauthenticated, adjacent malicious user to cause dynamic ACL assignment to fail and the port to fail open. This could allow the...
Cisco Ios Xe -
5.5
CVSSv3
CVE-2019-20810
go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel prior to 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586.
Linux Linux Kernel
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
NA
CVE-2010-1224
main/acl.c in Asterisk Open Source 1.6.0.x prior to 1.6.0.25, 1.6.1.x prior to 1.6.1.17, and 1.6.2.x prior to 1.6.2.5 does not properly enforce remote host access controls when CIDR notation "/0" is used in permit= and deny= configuration rules, which causes an improper...
Digium Asterisk 1.6.0.23
Digium Asterisk 1.6.0.22
Digium Asterisk 1.6.0.18
Digium Asterisk 1.6.0.12
Digium Asterisk 1.6.0.10
Digium Asterisk 1.6.0.9
Digium Asterisk 1.6.0.1
Digium Asterisk 1.6.0
Digium Asterisk 1.6.1.7
Digium Asterisk 1.6.1.11
Digium Asterisk 1.6.1.12
Digium Asterisk 1.6.2.0
Digium Asterisk 1.6.2.1
Digium Asterisk 1.6.2.2
Digium Asterisk 1.6.0.24
Digium Asterisk 1.6.0.14
Digium Asterisk 1.6.0.13
Digium Asterisk 1.6.0.3
Digium Asterisk 1.6.0.2
Digium Asterisk 1.6.1.5
Digium Asterisk 1.6.1.6
Digium Asterisk 1.6.1.10
NA
CVE-2009-0080
The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privilege...
Microsoft Windows Server 2008 -
Microsoft Windows Vista -
1 EDB exploit
NA
CVE-2010-0288
A typo in the administrator permission check in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki prior to 2009-12-25b allows remote malicious users to gain privileges and access closed wikis by editing current ACL statements, as demonstrated in the wild in January 2010.
Dokuwiki Dokuwiki 2006-03-05
Dokuwiki Dokuwiki 2005-09-22
Dokuwiki Dokuwiki 2005-01-15
Dokuwiki Dokuwiki 2005-01-14
Dokuwiki Dokuwiki 2004-08-22
Dokuwiki Dokuwiki 2004-08-15a
Dokuwiki Dokuwiki 2006-03-09e
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki 2005-02-18
Dokuwiki Dokuwiki 2005-02-06
Dokuwiki Dokuwiki 2005-01-16a
Dokuwiki Dokuwiki 2004-09-25
Dokuwiki Dokuwiki 2004-09-12
Dokuwiki Dokuwiki 2004-07-07
Dokuwiki Dokuwiki 2004-07-04
Dokuwiki Dokuwiki 2005-09-19
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2004-11-10
Dokuwiki Dokuwiki 2004-11-02
Dokuwiki Dokuwiki 2004-08-08
Dokuwiki Dokuwiki 2004-07-25
Dokuwiki Dokuwiki
1 EDB exploit
NA
CVE-2010-0287
Directory traversal vulnerability in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki prior to 2009-12-25b allows remote malicious users to list the contents of arbitrary directories via a .. (dot dot) in the ns parameter.
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki 2006-03-05
Dokuwiki Dokuwiki 2006-06-04
Dokuwiki Dokuwiki 2006-03-09e
Dokuwiki Dokuwiki 2005-05-07
Dokuwiki Dokuwiki 2005-02-18
Dokuwiki Dokuwiki 2004-11-01
Dokuwiki Dokuwiki 2004-09-30
Dokuwiki Dokuwiki 2004-09-25
Dokuwiki Dokuwiki 2004-07-12
Dokuwiki Dokuwiki 2004-07-07
Dokuwiki Dokuwiki
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2005-07-01
Dokuwiki Dokuwiki 2004-11-10
Dokuwiki Dokuwiki 2004-11-02
Dokuwiki Dokuwiki 2004-07-25
Dokuwiki Dokuwiki 2004-07-21
Dokuwiki Dokuwiki 2005-02-06
Dokuwiki Dokuwiki 2005-01-16a
Dokuwiki Dokuwiki 2004-09-12
Dokuwiki Dokuwiki 2004-08-22
1 EDB exploit
7.2
CVSSv3
CVE-2024-20263
A vulnerability with the access control list (ACL) management within a stacked switch configuration of Cisco Business 250 Series Smart Switches and Business 350 Series Managed Switches could allow an unauthenticated, remote malicious user to bypass protection offered by a configu...
Cisco Cbs250-8t-d Firmware
Cisco Cbs250-8pp-d Firmware
Cisco Cbs250-8t-e-2g Firmware
Cisco Cbs250-8pp-e-2g Firmware
Cisco Cbs250-8p-e-2g Firmware
Cisco Cbs250-8fp-e-2g Firmware
Cisco Cbs250-16t-2g Firmware
Cisco Cbs250-16p-2g Firmware
Cisco Cbs250-24t-4g Firmware
Cisco Cbs250-24pp-4g Firmware
Cisco Cbs250-24p-4g Firmware
Cisco Cbs250-24fp-4g Firmware
Cisco Cbs250-48t-4g Firmware
Cisco Cbs250-48pp-4g Firmware
Cisco Cbs250-48p-4g Firmware
Cisco Cbs250-24t-4x Firmware
Cisco Cbs250-24p-4x Firmware
Cisco Cbs250-24fp-4x Firmware
Cisco Cbs250-48t-4x Firmware
Cisco Cbs250-48p-4x Firmware
Cisco Cbs350-8t-e-2g Firmware
Cisco Cbs350-8p-2g Firmware
8.6
CVSSv3
CVE-2019-1686
A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote malicious user to bypass protection offered by a configured ACL on an affected device. The vulnerabilit...
Cisco Ios Xr
7.8
CVSSv3
CVE-2019-2023
In ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller. This could allow an app to add or replace a HAL service with its own service, gaining code execution in a privileged process.Product: AndroidVer...
Google Android 8.1
Google Android 8.0
Google Android 9.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »