Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alexander cherepanov vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-10360
The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
File Project File 5.33
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Opensuse Leap 42.3
Opensuse Leap 15.0
7.5
CVSSv2
CVE-2014-9093
LibreOffice prior to 4.3.5 allows remote malicious users to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file.
Libreoffice Libreoffice
Fedoraproject Fedora 20
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Debian Debian Linux 7.0
6.4
CVSSv2
CVE-2015-2304
Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and previous versions allows remote malicious users to write to arbitrary files via a full pathname in an archive.
Libarchive Libarchive
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
5
CVSSv2
CVE-2014-9621
The ELF parser in file 5.16 up to and including 5.21 allows remote malicious users to cause a denial of service via a long string.
File Project File 5.20
File Project File 5.21
File Project File 5.16
File Project File 5.17
File Project File 5.18
File Project File 5.19
1.9
CVSSv2
CVE-2015-1197
cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive.
Gnu Cpio 2.11
1 Metasploit module
1 Article
NA
CVE-2022-41352
An issue exists in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavis via a cpio loophole (extraction to /opt/zimbra/jetty/webapps/zimbra/public) that can lead to incorrect access to any other user accounts. Zimbra recommends pax over...
Zimbra Collaboration 9.0.0
Zimbra Collaboration 8.8.15
1 Metasploit module
4 Github repositories
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started