Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linux audit vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2015-5186
Audit prior to 2.4.4 in Linux does not sanitize escape characters in filenames.
Linux Audit Project Linux Audit
4.1
CVSSv2
CVE-2008-1628
Stack-based buffer overflow in the audit_log_user_command function in lib/audit_logging.c in Linux Audit prior to 1.7 might allow remote malicious users to execute arbitrary code via a long command argument. NOTE: some of these details are obtained from third party information.
Linux Audit
9.3
CVSSv2
CVE-2020-8813
graph_realtime.php in Cacti 1.2.8 allows remote malicious users to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.
Cacti Cacti 1.2.8
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opmantek Open-audit 3.3.1
Opensuse Suse Package Hub
Debian Debian Linux 10.0
2 EDB exploits
5 Github repositories
3.6
CVSSv2
CVE-2020-35501
A flaw was found in the Linux kernels implementation of audit rules, where a syscall can unexpectedly not be correctly not be logged by the audit subsystem
Linux Linux Kernel
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
7.5
CVSSv2
CVE-2008-1926
Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and previous versions makes it easier for remote malicious users to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the login ...
Linux Util-linux 2.13.0.1
Linux Util-linux 2.13
Linux Util-linux 2.13.1
Linux Util-linux 2.13.1.1
Linux Util-linux 2.14
4.7
CVSSv2
CVE-2007-0001
The file watch implementation in the audit subsystem (auditctl -w) in the Red Hat Enterprise Linux (RHEL) 4 kernel 2.6.9 allows local users to cause a denial of service (kernel panic) by replacing a watched file, which does not cause the watch on the old inode to be dropped.
Redhat Enterprise Linux 4.0
1 EDB exploit
5
CVSSv2
CVE-2018-1125
procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise Linux and Fedora), the impact is limi...
Procps-ng Project Procps-ng
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Opensuse Leap 15.1
5
CVSSv2
CVE-2018-1123
procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service).
Procps-ng Project Procps-ng
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
1 EDB exploit
2.1
CVSSv2
CVE-2004-1237
Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors.
Suse Suse Linux 9.0
Linux Linux Kernel 2.4.18
Linux Linux Kernel 2.4.15
Linux Linux Kernel 2.4.0
Linux Linux Kernel 2.6.5
Linux Linux Kernel 2.4.11
Linux Linux Kernel 2.6.1
Suse Suse Linux 9.2
Redhat Enterprise Linux Desktop 3.0
Linux Linux Kernel 2.4.27
Linux Linux Kernel 2.4.26
Suse Suse Linux 8.2
Redhat Enterprise Linux 3.0
Linux Linux Kernel 2.4.19
Linux Linux Kernel 2.4.21
Linux Linux Kernel 2.6.10
Linux Linux Kernel 2.4.12
Linux Linux Kernel 2.4.13
Linux Linux Kernel 2.6.0
Suse Suse Linux 8
Linux Linux Kernel 2.6.3
Suse Suse Linux 1.0
4.6
CVSSv2
CVE-2016-5412
arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel up to and including 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a sus...
Linux Linux Kernel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »