Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lock vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-3090
A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG...
Linux Linux Kernel
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
7.8
CVSSv3
CVE-2023-21225
there is a possible way to bypass the protected confirmation screen due to Failure to lock display power. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android...
Google Android -
7.8
CVSSv3
CVE-2023-35788
An issue exists in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel prior to 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.
Linux Linux Kernel
Debian Debian Linux 12.0
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 22.04
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.8
CVSSv3
CVE-2023-29733
The Lock Master app 2.2.4 for Android allows unauthorized apps to modify the values in its SharedPreference files. These files hold data that affects many app functions. Malicious modifications by unauthorized apps can cause security issues, such as functionality manipulation, re...
Dualspace Lock Master 2.2.4
7.8
CVSSv3
CVE-2023-2124
An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.
Linux Linux Kernel
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Netapp H300s Firmware -
Netapp H410c Firmware -
Netapp H410s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
7.8
CVSSv3
CVE-2023-1078
A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_inf...
Linux Linux Kernel
7.8
CVSSv3
CVE-2022-36443
An issue exists in Zebra Enterprise Home Screen 4.1.19. The device allows the administrator to lock some communication channels (wireless and SD card) but it is still possible to use a physical connection (Ethernet cable) without restriction.
Zebra Enterprise Home Screen 4.1.19
7.8
CVSSv3
CVE-2022-22095
Memory corruption in synx driver due to use-after-free condition in the synx driver due to accessing object handles without acquiring lock in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
Qualcomm Apq8053 Firmware -
Qualcomm Msm8953 Firmware -
Qualcomm Qca6390 Firmware -
Qualcomm Qca6391 Firmware -
Qualcomm Qca6426 Firmware -
Qualcomm Qca6436 Firmware -
Qualcomm Qcm2290 Firmware -
Qualcomm Qcm4290 Firmware -
Qualcomm Qcs2290 Firmware -
Qualcomm Qcs4290 Firmware -
Qualcomm Qrb5165 Firmware -
Qualcomm Qrb5165m Firmware -
Qualcomm Qrb5165n Firmware -
Qualcomm Sd439 Firmware -
Qualcomm Sd460 Firmware -
Qualcomm Sd662 Firmware -
Qualcomm Sd680 Firmware -
Qualcomm Sd690 5g Firmware -
Qualcomm Sd750g Firmware -
Qualcomm Sd765 Firmware -
Qualcomm Sd765g Firmware -
Qualcomm Sd768g Firmware -
7.8
CVSSv3
CVE-2022-2225
By using warp-cli subcommands (disable-ethernet, disable-wifi), it was possible for a user without admin privileges to bypass configured Zero Trust security policies (e.g. Secure Web Gateway policies) and features such as 'Lock WARP switch'.
Cloudflare Warp
7.8
CVSSv3
CVE-2022-33743
network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed.
Xen Xen -
Linux Linux Kernel
Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »