Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file reporter vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2021-41133
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions before 1.10.4 and 1.12.0, Flatpak apps with direct access to AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can trick portals and other host...
Flatpak Flatpak
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
7.8
CVSSv3
CVE-2020-13549
An exploitable local privilege elevation vulnerability exists in the file system permissions of Sytech XL Reporter v14.0.1 install directory. Depending on the vector chosen, an attacker can overwrite service executables and execute arbitrary code with privileges of user set to ru...
Sytech Xlreporter 14.0.1
7.8
CVSSv3
CVE-2017-8951
A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.
Hp Sitescope 11.24.391
Hp Sitescope 11.30
Hp Sitescope 11.30.521
Hp Sitescope 11.31
Hp Sitescope 11.32
Hp Sitescope 11.21
Hp Sitescope 11.23
Hp Sitescope 11.33
Hp Sitescope 11.20
Hp Sitescope 11.22
Hp Sitescope 11.24
7.8
CVSSv3
CVE-2016-9950
An issue exists in Apport prior to 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package specific hook files in the /usr/share/apport/package-hooks/ directory...
Apport Project Apport
Canonical Ubuntu Linux
1 EDB exploit
1 Github repository
1 Article
7.8
CVSSv3
CVE-2016-9949
An issue exists in Apport prior to 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote malicious users to execute arbitrary Python code.
Apport Project Apport
Canonical Ubuntu Linux
1 EDB exploit
1 Github repository
1 Article
7.5
CVSSv3
CVE-2017-8952
A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.
Hp Sitescope 11.22
Hp Sitescope 11.23
Hp Sitescope 11.24
Hp Sitescope 11.24.391
Hp Sitescope 11.21
Hp Sitescope 11.30
Hp Sitescope 11.31
Hp Sitescope 11.33
Hp Sitescope 11.20
Hp Sitescope 11.30.521
Hp Sitescope 11.32
7.5
CVSSv3
CVE-2015-2875
Absolute path traversal vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware prior to 3.4.1.105 allows remote malicious users to read arbitrary files via a full pathname in a downloa...
Seagate Goflex Sattelite
Seagate Wireless Plus Mobile Storage
Seagate Wireless Mobile Storage
Lacie Lac9000464u Firmware
Lacie Lac9000436u Firmware
6.5
CVSSv3
CVE-2020-8834
KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability run code in kernel space of a guest VM can caus...
Linux Linux Kernel -
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.1
6.5
CVSSv3
CVE-2016-4966
The diagnosis_control.php page in Fortinet FortiWan (formerly AscernLink) prior to 4.2.5 allows remote authenticated users to download PCAP files via vectors related to the UserName GET parameter.
Fortinet Fortiwan
6.5
CVSSv3
CVE-2016-4967
Fortinet FortiWan (formerly AscernLink) prior to 4.2.5 allows remote authenticated users to obtain sensitive information from (1) a backup of the device configuration via script/cfg_show.php or (2) PCAP files via script/system/tcpdump.php.
Fortinet Fortiwan
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »