Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
halfdog vulnerabilities and exploits
(subscribe to this query)
725
VMScore
CVE-2015-1336
The daily mandb cleanup job in Man-db prior to 2.7.6.1-1 as packaged in Ubuntu and Debian allows local users with access to the man account to gain privileges via vectors involving insecure chown use.
Man-db Project Man-db
1 EDB exploit
725
VMScore
CVE-2016-1575
The overlayfs implementation in the Linux kernel up to and including 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
Linux Linux Kernel
Canonical Ubuntu Touch 15.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 16.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Core 15.04
1 EDB exploit
725
VMScore
CVE-2016-1576
The overlayfs implementation in the Linux kernel up to and including 4.5.2 does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an overlayfs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program.
Canonical Ubuntu Core 15.04
Canonical Ubuntu Touch 15.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 16.10
Linux Linux Kernel
1 EDB exploit
725
VMScore
CVE-2016-2856
pt_chown in the glibc package prior to 2.19-18+deb8u4 on Debian jessie; the elibc package prior to 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and prior to 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package prior to 2.21-0ubuntu4.2 on Ubuntu 15.10 and prior to 2.23-0ubuntu1 on ...
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
1 EDB exploit
725
VMScore
CVE-2015-1338
kernel_crashdump in Apport prior to 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.
Apport Project Apport
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.04
1 EDB exploit
725
VMScore
CVE-2015-2285
The logrotation script (/etc/cron.daily/upstart) in the Ubuntu Upstart package prior to 1.13.2-0ubuntu9, as used in Ubuntu Vivid 15.04, allows local users to execute arbitrary commands and gain privileges via a crafted file in /run/user/*/upstart/sessions/.
Ubuntu Upstart
Ubuntu Vivid 15.04
1 EDB exploit
615
VMScore
CVE-2015-8543
The networking implementation in the Linux kernel up to and including 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and s...
Linux Linux Kernel
585
VMScore
CVE-2010-3879
FUSE, possibly 2.8.5 and previous versions, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerability than CVE-2010-07...
Libfuse Project Libfuse
1 EDB exploit
465
VMScore
CVE-2016-2854
The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
Linux Linux Kernel
1 EDB exploit
465
VMScore
CVE-2012-0031
scoreboard.c in the Apache HTTP Server 2.2.21 and previous versions might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading t...
Apache Http Server
Debian Debian Linux 5.0
Debian Debian Linux 7.0
Debian Debian Linux 6.0
Opensuse Opensuse 11.4
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Server 10
Redhat Jboss Enterprise Web Server 1.0.0
Redhat Enterprise Linux Server Aus 6.2
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Storage 2.0
Redhat Enterprise Linux Eus 6.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »