Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arp protocol vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2020-29130
slirp.c in libslirp up to and including 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.
Libslirp Project Libslirp
Debian Debian Linux 9.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
3.9
CVSSv3
CVE-2020-29443
ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated.
Qemu Qemu 5.1.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
3.2
CVSSv3
CVE-2020-25723
A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the ...
Qemu Qemu
Debian Debian Linux 10.0
6
CVSSv3
CVE-2020-27821
A flaw was found in the memory management API of QEMU during the initialization of a memory region cache. This issue could lead to an out-of-bounds write access to the MSI-X table while performing MMIO operations. A guest user may abuse this flaw to crash the QEMU process on the ...
Qemu Qemu
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2021-0292
An Uncontrolled Resource Consumption vulnerability in the ARP daemon (arpd) and Network Discovery Protocol (ndp) process of Juniper Networks Junos OS Evolved allows a malicious attacker on the local network to consume memory resources, ultimately resulting in a Denial of Service ...
Juniper Junos Os Evolved 19.4
Juniper Junos Os Evolved 20.1
Juniper Junos Os Evolved 20.2
NA
CVE-2024-99999
whatsthetalk.eu Research in API security If you want to lead, just find the API key. Powered by wtt wtt is a simple command line "ChatGPT". It is a wrapper around google.generativeai that accepts variable number of string and/or file path arguments. It concatenates them...
1 Github repository
4.3
CVSSv3
CVE-2023-0609
Improper Authorization in GitHub repository wallabag/wallabag before 2.5.3.
Wallabag Wallabag
1 Github repository
9.8
CVSSv3
CVE-2023-1091
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Alpata Licensed Warehousing Automation System allows Command Line Execution through SQL Injection.This issue affects Licensed Warehousing Automation System: up to and i...
Alpatateknoloji Licensed Warehousing Automation System
1 Github repository
7.8
CVSSv3
CVE-2023-21812
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
Microsoft Windows 10 1809
Microsoft Windows 10 20h2
Microsoft Windows 11 21h2
Microsoft Windows 10 21h2
Microsoft Windows 11 22h2
Microsoft Windows 10 22h2
Microsoft Windows 10 1607
Microsoft Windows 10
1 Github repository
7.8
CVSSv3
CVE-2010-2524
The DNS resolution functionality in the CIFS implementation in the Linux kernel prior to 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results ...
Linux Linux Kernel
Vmware Esx 4.1
Vmware Esx 4.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Suse Suse Linux Enterprise Server 11
Suse Suse Linux Enterprise Desktop 11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5274
CVE-2024-35388
CVE-2024-35396
elevation of privilege
CVE-2021-47544
file upload
CVE-2021-47545
memory leak
CVE-2024-4956
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »