Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
acl vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-1003001
A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 and previous versions in src/main/java/org/jenkinsci/plugins/workflow/cps/CpsFlowDefinition.java, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShellFactory.java that allows attackers with Overall/R...
Jenkins Pipeline\\ Groovy
Redhat Openshift Container Platform 3.11
1 EDB exploit
1 Github repository
8.8
CVSSv3
CVE-2019-1003002
A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin 1.3.3 and previous versions in pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/Converter.groovy that allows attackers with Overall/Read permission to provide a pi...
Jenkins Pipeline\\ Declarative
Redhat Openshift Container Platform 3.11
1 EDB exploit
1 Github repository
NA
CVE-2011-1499
acl.c in Tinyproxy prior to 1.8.3, when an Allow configuration setting specifies a CIDR block, permits TCP connections from all IP addresses, which makes it easier for remote malicious users to hide the origin of web traffic by leveraging the open HTTP proxy server.
Banu Tinyproxy 1.7.1
Banu Tinyproxy 1.7.0
Banu Tinyproxy 1.6.0
Banu Tinyproxy 1.5.0
Banu Tinyproxy 1.5.1
Banu Tinyproxy
Banu Tinyproxy 1.6.2
Banu Tinyproxy 1.5.3
Banu Tinyproxy 1.8.1
Banu Tinyproxy 1.8.0
Banu Tinyproxy 1.6.4
Banu Tinyproxy 1.6.3
Banu Tinyproxy 1.6.5
Banu Tinyproxy 1.6.1
Banu Tinyproxy 1.5.2
Debian Debian Linux 6.0
7.8
CVSSv3
CVE-2019-13164
qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass.
Qemu Qemu 3.1
Qemu Qemu 4.0.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
5.5
CVSSv3
CVE-2020-12771
An issue exists in the Linux kernel up to and including 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.
Linux Linux Kernel
Debian Debian Linux 9.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Netapp Cloud Backup -
Netapp Element Software -
Netapp Steelstore Cloud Integrated Storage -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Hci Bootstrap Os -
Netapp A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
8.8
CVSSv3
CVE-2022-24834
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua sc...
Redis Redis
Fedoraproject Fedora 37
Fedoraproject Fedora 38
1 Github repository
8.8
CVSSv3
CVE-2019-1003000
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and previous versions in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the ...
Jenkins Script Security
Redhat Openshift Container Platform 3.11
2 EDB exploits
6 Github repositories
7.5
CVSSv3
CVE-2008-4577
The ACL plugin in Dovecot prior to 1.1.4 treats negative access rights as if they are positive access rights, which allows malicious users to bypass intended access restrictions.
Dovecot Dovecot
Fedoraproject Fedora 9
Fedoraproject Fedora 8
Opensuse Opensuse 10.3-11.1
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
4.7
CVSSv3
CVE-2018-0247
A vulnerability in Web Authentication (WebAuth) clients for the Cisco Wireless LAN Controller (WLC) and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent malicious user to bypass authentication and pass traffic. The vulnerability is due to ...
Cisco Wireless Lan Controller Software 8.3\\(104.105\\)
Cisco Aironet Access Point Software 8.5\\(107.52\\)
Cisco Aironet Access Point Software 8.3\\(104.105\\)
NA
CVE-2010-2842
Cisco Wireless LAN Controller (WLC) software, possibly 4.2 up to and including 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerabi...
Cisco Wireless Lan Controller Software 4.2.61.0
Cisco Wireless Lan Controller Software 4.2
Cisco Wireless Lan Controller Software 4.2.182.0
Cisco Wireless Lan Controller Software 5.0.148.0
Cisco Wireless Lan Controller Software 4.2.173.0
Cisco Wireless Lan Controller Software 4.2.99.0
Cisco Wireless Lan Controller Software 5.2.169.0
Cisco Wireless Lan Controller Software 5.1
Cisco Wireless Lan Controller Software 6.0
Cisco Wireless Lan Controller Software 4.2.117.0
Cisco Wireless Lan Controller Software 4.2.112.0
Cisco Wireless Lan Controller Software 4.2.176.0
Cisco Wireless Lan Controller Software 5.1.152.0
Cisco Wireless Lan Controller Software 5.2
Cisco Wireless Lan Controller Software 5.1.151.0
Cisco Wireless Lan Controller Software 5.0.148.2
Cisco Wireless Lan Controller Software 6.0.182.0
Cisco Wireless Lan Controller Software 4.2.174.0
Cisco Wireless Lan Controller Software 4.2.130.0
Cisco Wireless Lan Controller Software 5.1.160.0
Cisco Wireless Lan Controller Software 5.2.157.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »