Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openvz vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-6927
vzctl prior to 4.9.4 determines the virtual environment (VE) layout based on the presence of root.hdd/DiskDescriptor.xml in the VE private directory, which allows local simfs container (CT) root users to change the root password for arbitrary ploop containers, as demonstrated by ...
Openvz Vzctl
6.5
CVSSv3
CVE-2014-3519
The open_by_handle_at function in vzkernel prior to 042stab090.5 in the OpenVZ modification for the Linux kernel 2.6.32, when using simfs, might allow local container users with CAP_DAC_READ_SEARCH capability to bypass an intended container protection mechanism and access arbitra...
Openvz Vzkernel 2.6.32
1 Github repository
NA
CVE-2013-2239
vzkernel prior to 042stab080.2 in the OpenVZ modification for the Linux kernel 2.6.32 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via (1) a crafted ploop driver ioctl call, related to the ploop_ge...
Openvz Vzkernel 2.6.32
NA
CVE-2013-6838
An unspecified Enghouse Interactive Professional Services "addon product" in Enghouse Interactive IVR Pro (VIP2000) 9.0.3 (rel903), when using OpenVZ and fallback customization, uses the same SSH private key across different customers' installations, which allows r...
Enghouseinteractive Ivr Pro 9.0.3
NA
CVE-2006-0038
Integer overflow in the do_replace function in netfilter for Linux prior to 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function.
Linux Linux Kernel 2.6.11
Linux Linux Kernel 2.6.12
Linux Linux Kernel 2.6.14
Linux Linux Kernel 2.6.5
Linux Linux Kernel 2.6.15.3
Linux Linux Kernel 2.6.1
Linux Linux Kernel 2.6.16
Linux Linux Kernel 2.6.13
Linux Linux Kernel 2.6.13.3
Linux Linux Kernel 2.6.11.8
Linux Linux Kernel 2.6.14.4
Linux Linux Kernel 2.6.10
Linux Linux Kernel 2.6.14.3
Linux Linux Kernel 2.6.11.6
Linux Linux Kernel 2.6.11.11
Linux Linux Kernel 2.6.0
Linux Linux Kernel 2.6.3
Linux Linux Kernel 2.6.4
Linux Linux Kernel 2.6 Test9 Cvs
Linux Linux Kernel 2.6.15.1
Linux Linux Kernel 2.6.11.5
Linux Linux Kernel 2.6.7
NA
CVE-2006-1859
Memory leak in __setlease in fs/locks.c in Linux kernel prior to 2.6.16.16 allows malicious users to cause a denial of service (memory consumption) via unspecified actions related to an "uninitialised return value," aka "slab leak."
Linux Linux Kernel 2.6.16.15
NA
CVE-2006-1860
lease_init in fs/locks.c in Linux kernel prior to 2.6.16.16 allows malicious users to cause a denial of service (fcntl_setlease lockup) via actions that cause lease_init to free a lock that might not have been allocated on the stack.
Linux Linux Kernel 2.6.16.15
NA
CVE-2006-2071
Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they ...
Linux Linux Kernel 2.6.11
Linux Linux Kernel 2.4.18
Linux Linux Kernel 2.4.15
Linux Linux Kernel 2.4.30
Linux Linux Kernel 2.6.12
Linux Linux Kernel 2.6.14
Linux Linux Kernel 2.4.0
Linux Linux Kernel 2.6.5
Linux Linux Kernel 2.6.15.3
Linux Linux Kernel 2.4.11
Linux Linux Kernel 2.6.1
Linux Linux Kernel 2.4.32
Linux Linux Kernel 2.4.33
Linux Linux Kernel 2.4.27
Linux Linux Kernel 2.6.13
Linux Linux Kernel 2.6.13.3
Linux Linux Kernel 2.6.11.8
Linux Linux Kernel 2.4.26
Linux Linux Kernel 2.6.14.4
Linux Linux Kernel 2.4.19
Linux Linux Kernel 2.4.21
Linux Linux Kernel 2.6.10
NA
CVE-2006-1527
The SCTP-netfilter code in Linux kernel prior to 2.6.16.13 allows remote malicious users to trigger a denial of service (infinite loop) via unknown vectors that cause an invalid SCTP chunk size to be processed by the for_each_sctp_chunk function.
Linux Linux Kernel 2.6.16.12
7.5
CVSSv3
CVE-2006-2275
Linux SCTP (lksctp) prior to 2.6.17 allows remote malicious users to cause a denial of service (deadlock) via a large number of small messages to a receiver application that cannot process the messages quickly enough, which leads to "spillover of the receive buffer."
Lksctp Stream Control Transmission Protocol
Canonical Ubuntu Linux 5.04
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.06
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »