Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
canonical apparmor vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2017-6507
An issue exists in AppArmor prior to 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an malicious user to possibly have increased attack surfaces of processes that were intended to be confined by AppAr...
Apparmor Apparmor
Canonical Ubuntu Core 15.04
Canonical Ubuntu Touch 15.04
668
VMScore
CVE-2016-1585
In all versions of AppArmor mount rules are accidentally widened when compiled.
Canonical Apparmor
1 Github repository
570
VMScore
CVE-2014-1424
apparmor_parser in the apparmor package prior to 2.8.95~2430-0ubuntu5.1 in Ubuntu 14.04 allows malicious users to bypass AppArmor policies via unspecified vectors, related to a "miscompilation flaw."
Ubuntu Apparmor
Canonical Ubuntu 14.04
409
VMScore
CVE-2021-4120
snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in ...
Canonical Snapd
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 21.10
Fedoraproject Fedora 34
Fedoraproject Fedora 35
1 Article
409
VMScore
CVE-2018-6553
The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. A local attacker could possibly use this issue to escape confinement. This flaw affects versions before 2.2.7-1ubuntu2.1 in Ubuntu 18.04 LTS, before 2.2.4-7ubuntu3.1 in Ubuntu 17.10, before...
Cups Cups -
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
641
VMScore
CVE-2015-1335
lxc-start in lxc prior to 1.0.8 and 1.1.x prior to 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.
Linuxcontainers Lxc 1.1.2
Linuxcontainers Lxc 1.1.3
Linuxcontainers Lxc
Linuxcontainers Lxc 1.1.0
Linuxcontainers Lxc 1.1.1
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
695
VMScore
CVE-2019-11810
An issue exists in the Linux kernel prior to 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.
Linux Linux Kernel
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
187
VMScore
CVE-2016-5337
The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information.
Qemu Qemu
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 8.0
409
VMScore
CVE-2016-4439
The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially e...
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Qemu Qemu
Debian Debian Linux 8.0
187
VMScore
CVE-2016-4441
The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involvin...
Qemu Qemu
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »