Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
noam rathaus vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2018-14734
drivers/infiniband/core/ucma.c in the Linux kernel up to and including 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows malicious users to cause a denial of service (use-after-free).
Linux Linux Kernel
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 9.0
Debian Debian Linux 8.0
5.9
CVSSv3
CVE-2018-10938
A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A cer...
Linux Linux Kernel 4.0
Linux Linux Kernel 4.1
Linux Linux Kernel 4.2
Linux Linux Kernel 4.4
Linux Linux Kernel 4.6
Linux Linux Kernel 4.8
Linux Linux Kernel 4.10
Linux Linux Kernel 4.12
Linux Linux Kernel 4.3
Linux Linux Kernel 4.5
Linux Linux Kernel 4.7
Linux Linux Kernel 4.9
Linux Linux Kernel 4.11
Linux Linux Kernel 4.13
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
6.1
CVSSv3
CVE-2018-16658
An issue exists in the Linux kernel prior to 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local malicious users to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to ...
Linux Linux Kernel
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 8.0
NA
CVE-2006-4343
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 prior to 0.9.7l, 0.9.8 prior to 0.9.8d, and previous versions versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.8
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.7i
Debian Debian Linux 3.1
Canonical Ubuntu Linux 5.04
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.06
2 EDB exploits
NA
CVE-2006-5444
Integer overflow in the get_input function in the Skinny channel driver (chan_skinny.c) in Asterisk 1.0.x prior to 1.0.12 and 1.2.x prior to 1.2.13, as used by Cisco SCCP phones, allows remote malicious users to execute arbitrary code via a certain dlen value that passes a signed...
Digium Asterisk 0.4
Digium Asterisk 0.7
Digium Asterisk 1.0.8
Digium Asterisk 1.0.9
Digium Asterisk 1.2.9
Digium Asterisk 1.2 Beta1
Digium Asterisk 0.2
Digium Asterisk 0.3
Digium Asterisk 1.0.11
Digium Asterisk 1.0.7
Digium Asterisk 1.2.7
Digium Asterisk 1.2.8
Digium Asterisk 0.1.7
Digium Asterisk 0.1.8
Digium Asterisk 0.7.1
Digium Asterisk 0.7.2
Digium Asterisk 1.2.10
Digium Asterisk 1.2.11
Digium Asterisk 1.2 Beta2
Digium Asterisk 0.1.9
Digium Asterisk 0.1.9.1
Digium Asterisk 0.9
1 EDB exploit
NA
CVE-2004-0600
Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote malicious users to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.
Samba Samba 3.0.2
Samba Samba 3.0.2a
Samba Samba 3.0.3
Samba Samba 3.0.4
Trustix Secure Linux 2.0
Trustix Secure Linux 2.1
Trustix Secure Linux 1.5
1 EDB exploit
NA
CVE-2005-0404
KMail 1.7.1 in KDE 3.3.2 allows remote malicious users to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email.
Kmail Kmail 1.7.1
Kde Kde 3.3.2
1 EDB exploit
NA
CVE-2004-2263
SQL injection vulnerability in the valid function in fr_left.php in PlaySMS 0.7 and previous versions allows remote malicious users to modify SQL statements via the vc2 cookie.
Playsms Playsms 0.6
Playsms Playsms 0.7
1 EDB exploit
NA
CVE-2002-2360
The RPC module in Webmin 0.21 up to and including 0.99, when installed without root or admin privileges, allows remote malicious users to read and write to arbitrary files and execute arbitrary commands via remote_foreign_require and remote_foreign_call requests.
Webmin Webmin 0.41
Webmin Webmin 0.51
Webmin Webmin 0.88
Webmin Webmin 0.92
Webmin Webmin 0.970
Webmin Webmin 0.990
Webmin Webmin 0.21
Webmin Webmin 0.22
Webmin Webmin 0.31
Webmin Webmin 0.93
Webmin Webmin 0.94
Webmin Webmin 0.950
Webmin Webmin 0.960
Webmin Webmin 0.77
Webmin Webmin 0.78
Webmin Webmin 0.79
Webmin Webmin 0.80
Webmin Webmin 0.42
Webmin Webmin 0.76
Webmin Webmin 0.85
Webmin Webmin 0.91
Webmin Webmin 0.980
1 EDB exploit
NA
CVE-2004-1939
Cross-site scripting (XSS) vulnerability in Zaep AntiSpam 2.0 allows remote malicious users to inject arbitrary web script or HTML via double encoded slashes (%252F) in the key parameter.
Rhinosoft Zaep Antispam 2.0
Rhinosoft Zaep Antispam 2.0 .0.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »