Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
max kellermann vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-12412
A flaw in the libapreq2 v2.07 to v2.13 multipart parser can deference a null pointer leading to a process crash. A remote attacker could send a request causing a process crash which could lead to a denial of service attack.
Apache Libapreq2
NA
CVE-2008-5824
Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile 0.2.6 allows context-dependent malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WAV file.
68k Audiofile 0.2.6
1 EDB exploit
7.8
CVSSv3
CVE-2022-0516
A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions bef...
Linux Linux Kernel
Linux Linux Kernel 5.17
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 11.0
Redhat Virtualization Host 4.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems Eus 8.4
Redhat Enterprise Linux For Ibm Z Systems 8.0
Redhat Enterprise Linux For Power Little Endian Eus 8.4
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.4
Redhat Codeready Linux Builder -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
7.8
CVSSv3
CVE-2022-25636
net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 up to and including 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.
Linux Linux Kernel
Debian Debian Linux 11.0
Netapp H300s -
Netapp H500s -
Netapp H700s -
Netapp H300e -
Netapp H500e -
Netapp H700e -
Netapp H410s -
Netapp H410c -
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
6 Github repositories
7.8
CVSSv3
CVE-2022-0847
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to...
Linux Linux Kernel
Fedoraproject Fedora 35
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux For Real Time 8
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux For Real Time For Nfv Tus 8.4
Redhat Enterprise Linux For Real Time For Nfv Tus 8.2
Redhat Enterprise Linux For Real Time Tus 8.4
Redhat Enterprise Linux For Real Time Tus 8.2
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux For Real Time For Nfv 8
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.1
Redhat Enterprise Linux For Power Little Endian Eus 8.2
Redhat Enterprise Linux For Ibm Z Systems Eus 8.2
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems Eus 8.4
147 Github repositories
4 Articles
5.6
CVSSv3
CVE-2022-23960
Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow th...
Xen Xen -
Arm Cortex-r7 Firmware -
Arm Cortex-r8 Firmware -
Arm Cortex-a57 Firmware -
Arm Cortex-a65 Firmware -
Arm Cortex-a65ae Firmware -
Arm Cortex-a710 Firmware -
Arm Cortex-a72 Firmware -
Arm Cortex-a73 Firmware -
Arm Cortex-a75 Firmware -
Arm Cortex-a76 Firmware -
Arm Cortex-a76ae Firmware -
Arm Cortex-a77 Firmware -
Arm Cortex-a78 Firmware -
Arm Cortex-a78ae Firmware -
Arm Cortex-x1 Firmware -
Arm Cortex-x2 Firmware -
Arm Neoverse-e1 Firmware -
Arm Neoverse-v1 Firmware -
Arm Neoverse N1 Firmware -
Arm Neoverse N2 Firmware -
Debian Debian Linux 9.0
1 Github repository
2 Articles
4.6
CVSSv3
CVE-2021-43976
In the Linux kernel up to and including 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).
Linux Linux Kernel
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Cloud Backup -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
4.6
CVSSv3
CVE-2022-25258
An issue exists in drivers/usb/gadget/composite.c in the Linux kernel prior to 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruptio...
Linux Linux Kernel
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Active Iq Unified Manager -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
1 Github repository
5.5
CVSSv3
CVE-2022-25375
An issue exists in drivers/usb/gadget/function/rndis.c in the Linux kernel prior to 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory.
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
5.5
CVSSv3
CVE-2022-24959
An issue exists in the Linux kernel prior to 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »