Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
backports vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-3250
It exists that Canonical's Pebble service manager read-file API and the associated pebble pull command, before v1.10.2, allowed unprivileged local users to read files with root-equivalent permissions when Pebble was running as root. Fixes are also available as backports to v...
7.8
CVSSv3
CVE-2024-23225
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report...
Apple Ipad Os
Apple Iphone Os
Apple Macos
Apple Tvos
Apple Visionos
Apple Watchos
4 Articles
7.8
CVSSv3
CVE-2024-23296
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been...
Apple Ipad Os
Apple Iphone Os
Apple Macos
Apple Tvos
Apple Visionos
Apple Watchos
5 Articles
8.8
CVSSv3
CVE-2024-23222
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been expl...
Apple Macos
Apple Iphone Os
Apple Ipados
Apple Tvos
Apple Safari
Apple Visionos
2 Articles
6.5
CVSSv3
CVE-2023-42916
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploit...
Apple Safari
Apple Ipados
Apple Iphone Os
Apple Macos
5 Articles
8.8
CVSSv3
CVE-2023-42917
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been ex...
Apple Safari
Apple Ipados
Apple Iphone Os
Apple Macos
5 Articles
5.9
CVSSv3
CVE-2022-2127
An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to ...
Samba Samba
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Debian Debian Linux 12.0
5.9
CVSSv3
CVE-2023-3347
A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured "server signing = required" or for SMB2 connections to Domain Controllers where SMB2 packet signing is mandatory. This flaw allows an ...
Samba Samba
Redhat Enterprise Linux 8.0
Redhat Storage 3.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 38
7.5
CVSSv3
CVE-2023-34966
An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() did not validate a field in the network packet that contains the count of elem...
Samba Samba
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
5.3
CVSSv3
CVE-2023-34967
A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types ...
Samba Samba
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »