Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
compound vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-47450
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix host stage-2 PGD refcount The KVM page-table library refcounts the pages of concatenated stage-2 PGDs individually. However, when running KVM in protected mode, the host's stage-2 PGD is curr...
NA
CVE-2023-52739
In the Linux kernel, the following vulnerability has been resolved: Fix page corruption caused by racy check in __free_pages When we upgraded our kernel, we started seeing some page corruption like the following consistently: BUG: Bad page state in process ganesha.nfsd pfn:1304ca...
NA
CVE-2024-26640
In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity checks to rx zerocopy TCP rx zerocopy intent is to map pages initially allocated from NIC drivers, not pages owned by a fs. This patch adds to can_map_frag() these additional checks: - Page must n...
NA
CVE-2023-52442
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate session id and tree id in compound request `smb2_get_msg()` in smb2_get_ksmbd_tcon() and smb2_check_user_session() will always return the first request smb2 header in a compound request. if `SMB2_...
8.1
CVSSv3
CVE-2022-47943
An issue exists in ksmbd in the Linux kernel 5.15 up to and including 5.19 prior to 5.19.2. There is an out-of-bounds read and OOPS for SMB2_WRITE, when there is a large length in the zero DataOffset case.
Linux Linux Kernel
9.8
CVSSv3
CVE-2022-47939
An issue exists in ksmbd in the Linux kernel 5.15 up to and including 5.19 prior to 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2_TREE_DISCONNECT.
Linux Linux Kernel
6.5
CVSSv3
CVE-2018-20802
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries with compound indexes affecting QueryPlanner. This issue affects MongoDB Server v3.6 versions before 3.6.9 and MongoDB Server v4.0 versions before 4.0.3.
Mongodb Mongodb
7.5
CVSSv3
CVE-2019-20809
The price oracle in PriceOracle.sol in Compound Finance Compound Price Oracle 1.0 up to and including 2.0 allows a price poster to set an invalid asset price via the setPrice function, and consequently violate the intended limits on price swings.
Compound Price Oracle
9.8
CVSSv3
CVE-2020-11656
In SQLite up to and including 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.
Sqlite Sqlite
Netapp Ontap Select Deploy Administration Utility -
Oracle Outside In Technology 8.5.4
Oracle Outside In Technology 8.5.5
Oracle Hyperion Infrastructure Technology 11.1.2.4
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Mysql
Oracle Communications Network Charging And Control 12.0.2
Oracle Communications Network Charging And Control 6.0.1
Oracle Communications Network Charging And Control
Oracle Zfs Storage Appliance Kit 8.8
Oracle Communications Messaging Server 8.1
Oracle Mysql Workbench
Siemens Sinec Infrastructure Network Services
Tenable Tenable.sc
5.5
CVSSv3
CVE-2018-5201
Hancom Office 2018 10.0.0.8214 and previous versions, Hancom Office NEO 9.6.1.10472 and previous versions, Hancom Office 2014 9.1.1.4540 and previous versions, Hancom Office 2010 8.5.8.1724 and previous versions versions have a heap overflow vulnerability when handling Compound F...
Hancom Hancom Office 2018
Hancom Hancom Office Neo
Hancom Hancom Office 2014
Hancom Hancom Office 2010
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »