Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apparmor vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2015-3629
Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container.
Docker Libcontainer 1.6.0
Opensuse Opensuse 13.2
NA
CVE-2015-3630
Docker Engine prior to 1.6.1 uses weak permissions for (1) /proc/asound, (2) /proc/timer_stats, (3) /proc/latency_stats, and (4) /proc/fs, which allows local users to modify the host, obtain sensitive information, and perform protocol downgrade attacks via a crafted image.
Docker Docker
NA
CVE-2010-2640
Array index error in the PK font parser in the dvi-backend component in Evince 2.32 and previous versions allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is pr...
Redhat Evince 2.31.92
Redhat Evince 2.31.90
Redhat Evince 2.31.2
Redhat Evince 2.31.1
Redhat Evince 2.25
Redhat Evince 2.24
Redhat Evince 0.9
Redhat Evince 0.6
Redhat Evince 2.31.4.1
Redhat Evince 2.31.4
Redhat Evince 2.29
Redhat Evince 2.28
Redhat Evince 2.22
Redhat Evince 2.19
Redhat Evince 0.5
Redhat Evince 0.2
Redhat Evince 2.31.6.1
Redhat Evince 2.31.6
Redhat Evince 2.29.92
Redhat Evince 2.31
Redhat Evince 2.30
Redhat Evince 2.23
NA
CVE-2010-2641
Array index error in the VF font parser in the dvi-backend component in Evince 2.32 and previous versions allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is pr...
Redhat Evince
Redhat Evince 2.31
Redhat Evince 2.24
Redhat Evince 2.28
Redhat Evince 2.27
Redhat Evince 2.20
Redhat Evince 2.19
Redhat Evince 0.3
Redhat Evince 0.2
Redhat Evince 2.30.3
Redhat Evince 2.30.2
Redhat Evince 2.30
Redhat Evince 2.29
Redhat Evince 2.22
Redhat Evince 2.21
Redhat Evince 0.5
Redhat Evince 0.4
Redhat Evince 2.31.90
Redhat Evince 2.31.4
Redhat Evince 2.23
Redhat Evince 0.7
Redhat Evince 0.6
7
CVSSv3
CVE-2023-27561
runc up to and including 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. N...
Linuxfoundation Runc
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.0
Redhat Enterprise Linux 9.0
Debian Debian Linux 10.0
6.3
CVSSv3
CVE-2021-32760
containerd is a container runtime. A bug was found in containerd versions before 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissi...
Linuxfoundation Containerd
Fedoraproject Fedora 34
NA
CVE-2009-0692
Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 prior to 4.1.0p1, 4.0 prior to 4.0.1p1, 3.1 prior to 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option.
Isc Dhcp 3.0
Isc Dhcp 3.1
Isc Dhcp 2.0
Isc Dhcp 4.1.0
Isc Dhcp 4.0
1 EDB exploit
8.5
CVSSv3
CVE-2021-30465
runc prior to 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies o...
Linuxfoundation Runc 1.0.0
Linuxfoundation Runc
Fedoraproject Fedora 33
Fedoraproject Fedora 34
7 Github repositories
NA
CVE-2015-2756
QEMU, as used in Xen 3.3.x up to and including 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI...
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Xen Xen 4.4.0
Xen Xen 4.3.0
Xen Xen 4.5.0
Xen Xen 4.3.1
Xen Xen 4.3.2
Xen Xen 4.4.1
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
6.3
CVSSv3
CVE-2023-25809
runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes `/sys/fs/cgroup` writable in following conditons: 1. when runc is executed inside the user namespace, and the `config.json` does n...
Linuxfoundation Runc
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »