Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
denis andzakovic vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-11365
An issue exists in atftpd in atftp 0.7.1. A remote attacker may send a crafted packet triggering a stack-based buffer overflow due to an insecurely implemented strncpy call. The vulnerability is triggered by sending an error packet of 3 bytes or fewer. There are multiple instance...
Atftp Project Atftp 0.7.1
2 Github repositories
8.1
CVSSv3
CVE-2018-20836
An issue exists in the Linux kernel prior to 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.
Linux Linux Kernel
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
F5 Traffix Signaling Delivery Controller 5.1.0
F5 Traffix Signaling Delivery Controller 5.0.0
Netapp Virtual Storage Console
Netapp Active Iq Unified Manager
Netapp Vasa Provider For Clustered Data Ontap
Netapp Solidfire \\& Hci Management Node -
Netapp Snapprotect -
Netapp Hci Compute Node -
Netapp Solidfire \\& Hci Storage Node -
Netapp Storage Replication Adapter For Clustered Data Ontap -
Opensuse Leap 15.0
Opensuse Leap 15.1
7.8
CVSSv3
CVE-2017-18509
An issue exists in net/ipv6/ip6mr.c in the Linux kernel prior to 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstanc...
Linux Linux Kernel
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.8
CVSSv3
CVE-2018-20856
An issue exists in the Linux kernel prior to 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.
Linux Linux Kernel
7.8
CVSSv3
CVE-2018-10900
Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an malicious user to execute arbi...
Gnome Network Manager Vpnc
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1 EDB exploit
7.7
CVSSv3
CVE-2019-3900
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could ...
Linux Linux Kernel
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Netapp Vasa Provider For Clustered Data Ontap
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Snapprotect -
Netapp Active Iq Unified Manager For Vmware Vsphere
Netapp Virtual Storage Console For Vmware Vsphere
Netapp Storage Replication Adapter For Clustered Data Ontap For Vmware Vsphere
Netapp Cn1610 Firmware -
Oracle Sd-wan Edge 8.2
Fedoraproject Fedora 28
7.5
CVSSv3
CVE-2019-10639
The Linux kernel 4.x (starting from 4.1) and 5.x prior to 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connect...
Linux Linux Kernel
6.8
CVSSv3
CVE-2019-14283
In the Linux kernel prior to 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU...
Linux Linux Kernel
6.8
CVSSv3
CVE-2019-13631
In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel up to and including 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.
Linux Linux Kernel
6.5
CVSSv3
CVE-2019-10638
In the Linux kernel prior to 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of i...
Linux Linux Kernel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »