Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apparmor vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2014-1423
signond prior to 8.57+15.04.20141127.1-0ubuntu1, as used in Ubuntu Touch, did not properly restrict applications from querying oath tokens due to incorrect checks and the missing installation of the signon-apparmor-extension. An attacker could use this create a malicious click ap...
Signond Project Signond
Ubports Ubuntu Touch -
4.4
CVSSv2
CVE-2019-19921
runc up to and including 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom image...
Linuxfoundation Runc 1.0.0
Linuxfoundation Runc
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Redhat Openshift Container Platform 4.1
Redhat Openshift Container Platform 4.2
7.5
CVSSv2
CVE-2019-18814
An issue exists in the Linux kernel up to and including 5.3.9. There is a use-after-free when aa_label_parse() fails in aa_audit_rule_init() in security/apparmor/audit.c.
Linux Linux Kernel
5
CVSSv2
CVE-2019-16884
runc up to and including 1.0.0-rc8, as used in Docker up to and including 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.
Linuxfoundation Runc
Linuxfoundation Runc 1.0.0
Docker Docker
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.1
Redhat Openshift Container Platform 4.2
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
1 Github repository
4.6
CVSSv2
CVE-2019-10166
It exists that libvirtd, versions 4.x.x prior to 4.10.1 and 5.x.x prior to 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged u...
Redhat Libvirt
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Workstation 7.0
Redhat Virtualization 4.3
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Tus 7.6
4.6
CVSSv2
CVE-2019-10167
The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x prior to 4.10.1 and 5.x.x prior to 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain...
Redhat Libvirt
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Workstation 7.0
Redhat Virtualization 4.3
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.6
4.6
CVSSv2
CVE-2019-10168
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x prior to 4.10.1 and 5.x.x prior to 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that progr...
Redhat Libvirt
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Virtualization 4.3
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Aus 7.6
7.2
CVSSv2
CVE-2019-10161
It exists that libvirtd prior to 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could ...
Redhat Libvirt
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Virtualization 4.0
Redhat Virtualization Host 4.0
Canonical Ubuntu Linux 14.04
9.3
CVSSv2
CVE-2019-11815
An issue exists in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel prior to 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.
Linux Linux Kernel
Linux Linux Kernel 5.1
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Leap 42.3
Netapp Active Iq Unified Manager
Netapp Hci Management Node -
Netapp Snapprotect -
Netapp Solidfire -
Netapp Storage Replication Adapter 7.2
Netapp Vasa Provider For Clustered Data Ontap
Netapp Virtual Storage Console
Netapp Hci Compute Node -
Netapp Hci Storage Node -
Netapp Cn1610 Firmware -
7.8
CVSSv2
CVE-2019-11810
An issue exists in the Linux kernel prior to 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.
Linux Linux Kernel
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »