Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alpine vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2017-9671
A heap overflow in apk (Alpine Linux's package manager) allows a remote malicious user to cause a denial of service, or achieve code execution, by crafting a malicious APKINDEX.tar.gz file with a bad pax header block.
Alpinelinux Alpine Linux -
1 Article
6.8
CVSSv2
CVE-2017-9669
A heap overflow in apk (Alpine Linux's package manager) allows a remote malicious user to cause a denial of service, or achieve code execution by crafting a malicious APKINDEX.tar.gz file.
Alpinelinux Alpine Linux -
1 Article
5
CVSSv2
CVE-2021-30139
In Alpine Linux apk-tools prior to 2.12.5, the tarball parser allows a buffer overflow and crash.
2 Github repositories
5
CVSSv2
CVE-2020-14929
Alpine prior to 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do.
Alpine Project Alpine
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 8.0
4.6
CVSSv2
CVE-2020-15596
The ALPS ALPINE touchpad driver prior to 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows malicious users to conduct Path Disclosure attacks via a "fake" DLL file.
Hp Elite X2 1012 G1 Firmware
Hp Elite X2 1012 G2 Firmware
Hp Elitebook 1030 G1 Firmware
Hp Elitebook 1040 G4 Firmware
Hp Elitebook Folio 1040 G3 Firmware
Hp Elitebook Folio G1 Firmware
Hp Elitebook Revolve 810 G2 Firmware
Hp Elitebook Revolve 810 G3 Firmware
Hp Elitebook X360 1020 G2 Firmware
Hp Elitebook X360 1030 G2 Firmware
Hp Pro X2 612 G2 Firmware
Hp Zbook Studio G3 Firmware
Hp Zbook Studio G4 Firmware
Hp Zbook X2 G4 Firmware
4.3
CVSSv2
CVE-2017-20087
A vulnerability, which was classified as problematic, has been found in Alpine PhotoTile for Instagram Plugin 1.2.7.7. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely.
Thealpinepress Alpine-photo-tile-for-instagram 1.2.7.7
4.3
CVSSv2
CVE-2021-38370
In Alpine prior to 2.25, untagged responses from an IMAP server are accepted before STARTTLS.
Alpine Project Alpine
4.3
CVSSv2
CVE-2021-36158
In the xrdp package (in branches up to and including 3.14) for Alpine Linux, RDP sessions are vulnerable to man-in-the-middle attacks because pre-generated RSA certificates and private keys are used.
Alpinelinux Aports
4.3
CVSSv2
CVE-2015-9432
The alpine-photo-tile-for-instagram plugin prior to 1.2.7.6 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=alpine-photo-tile-for-instagram-settings tab parameter.
Thealpinepress Alpine-photo-tile-for-instagram
4
CVSSv2
CVE-2019-12875
Alpine Linux abuild up to and including 3.4.0 allows an unprivileged member of the abuild group to add an untrusted package via a --keys-dir option that causes acceptance of an untrusted signing key.
Alpinelinux Abuild
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »