Vulmon
Recent Vulnerabilities
Discussions
Trends
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
local users vulnerabilities and exploits
7.2
CVSSv2
CVE-2004-0186
smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted....
Samba
Linux
Linux Kernel
1 EDB exploit available
1 Github repository available
3.3
CVSSv2
CVE-2011-1678
smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab...
Samba
3.3
CVSSv2
CVE-2011-1089
The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a...
Gnu
Glibc
2.1
CVSSv2
CVE-2018-1655
IBM AIX 5.3, 6.1, 7.1, and 7.2 contains a vulnerability in the rmsock command that may be used to expose kernel memory. IBM X-Force ID: 144748....
Ibm
Aix
2.1
CVSSv2
CVE-2009-3554
Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by...
Redhat
Jboss Enterprise Application Platform
4.3
CVSSv2
CVE-2009-1380
Cross-site scripting (XSS) vulnerability in JMX-Console in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 allows remote attackers to inject arbitrary web script or HTML via the filter parameter,...
Redhat
Jboss Enterprise Application Platform
4.3
CVSSv2
CVE-2009-2405
Multiple cross-site scripting (XSS) vulnerabilities in the Web Console in the Application Server in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2.0 before 4.2.0.CP08, 4.2.2GA, 4.3 before 4.3.0.CP07, and 5.1.0GA allow remote attackers to inject...
Redhat
Jboss Enterprise Application Platform
2.1
CVSSv2
CVE-2005-0421
DelphiTurk FTP 1.0 stores usernames and passwords in the profile.dat file, which allows local users to gain privileges....
Delphiturk
Delphiturk Ftp
1 EDB exploit available
7.2
CVSSv2
CVE-2003-1167
misc.cpp in KPopup 0.9.1 trusts the PATH variable when executing killall, which allows local users to elevate their privileges by modifying the PATH variable to reference a malicious killall program....
Gernot Stocker
Kpopup
1 EDB exploit available
7.2
CVSSv2
CVE-2003-1170
Format string vulnerability in main.cpp in kpopup 0.9.1 and 0.9.5pre2 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via format string specifiers in command line arguments....
Gernot Stocker
Kpopup
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
overflow
type confusion
wso2
CVE-2020-5212
api manager
bypass
CVE-2019-10779
CVE-2020-0609
CVE-2020-0674
CVE-2020-7998
CVE-2019-15581
1
2
3
4
5
NEXT »
Vulmon