Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
patch vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-4651
Directory traversal vulnerability in util.c in GNU patch 2.6.1 and previous versions allows user-assisted remote malicious users to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.
Gnu Gnu Patch
Gnu Gnu Patch 2.6
Gnu Gnu Patch 2.5
Gnu Gnu Patch 2.5.9
Gnu Gnu Patch 2.5.4
NA
CVE-2007-0257
Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial funct...
Grsecurity Grsecurity Kernel Patch 2.0.1
Grsecurity Grsecurity Kernel Patch 2.1.5
Grsecurity Grsecurity Kernel Patch 2.1.1
Grsecurity Grsecurity Kernel Patch 2.1.7
Grsecurity Grsecurity Kernel Patch 2.1.8
Grsecurity Grsecurity Kernel Patch 2.1.2
Grsecurity Grsecurity Kernel Patch 1.9.4
Grsecurity Grsecurity Kernel Patch 2.1.4
Grsecurity Grsecurity Kernel Patch 2.1.3
Grsecurity Grsecurity Kernel Patch 2.1.0
Grsecurity Grsecurity Kernel Patch 2.0.2
Grsecurity Grsecurity Kernel Patch 2.1.6
1 EDB exploit
NA
CVE-2006-0228
The RBAC functionality in grsecurity prior to 2.1.8 does not properly handle when the admin role creates a service and then exits the shell without unauthenticating, which causes the service to be restarted with the admin role still active.
Grsecurity Grsecurity Kernel Patch 2.1.1
Grsecurity Grsecurity Kernel Patch 2.1.2
Grsecurity Grsecurity Kernel Patch 2.0.1
Grsecurity Grsecurity Kernel Patch 2.0.2
Grsecurity Grsecurity Kernel Patch 2.1.0
Grsecurity Grsecurity Kernel Patch 2.1.7
Grsecurity Grsecurity Kernel Patch 2.1.3
Grsecurity Grsecurity Kernel Patch 2.1.4
Grsecurity Grsecurity Kernel Patch 2.1.5
Grsecurity Grsecurity Kernel Patch 2.1.6
NA
CVE-2004-1942
The Solaris 9 patches 113579-02 through 113579-05, and 114342-02 through 114342-05, prevent ypserv and ypxfrd from properly restricting access to secure NIS maps, which allows local users to use ypcat or ypmatch to extract the contents of a secure map such as passwd.adjunct.bynam...
Sun Patch Manager 113579-04
Sun Patch Manager 113579-05
Sun Patch Manager 113579-02
Sun Patch Manager 113579-03
Sun Patch Manager 114342-02
Sun Patch Manager 114342-03
Sun Patch Manager 114342-04
Sun Patch Manager 114342-05
NA
CVE-2008-1940
The RBAC functionality in grsecurity prior to 2.1.11-2.6.24.5 and 2.1.11-2.4.36.2 does not enforce user_transition_deny and user_transition_allow rules for the (1) sys_setfsuid and (2) sys_setfsgid calls, which allows local users to bypass restrictions for those calls.
Grsecurity Grsecurity Kernel Patch 2.6.24.4
Grsecurity Grsecurity Kernel Patch 2.4.33
Grsecurity Grsecurity Kernel Patch 2.4.33.2
Grsecurity Grsecurity Kernel Patch 2.4.33.3
Grsecurity Grsecurity Kernel Patch 2.4.33.4
Grsecurity Grsecurity Kernel Patch 2.4.34
Grsecurity Grsecurity Kernel Patch 2.6.18
7.5
CVSSv3
CVE-2020-8268
Prototype pollution vulnerability in json8-merge-patch npm package < 1.0.3 may allow malicious users to inject or modify methods and properties of the global object constructor.
Json8-merge-patch Project Json8-merge-patch
9.8
CVSSv3
CVE-2021-41833
Zoho ManageEngine Patch Connect Plus prior to 90099 is vulnerable to unauthenticated remote code execution.
Zohocorp Manageengine Patch Connect Plus
Zohocorp Manageengine Patch Connect Plus 9.0.0
5.5
CVSSv3
CVE-2019-20633
GNU patch up to and including 2.7.6 contains a free(p_line[p_end]) Double Free vulnerability in the function another_hunk in pch.c that can cause a denial of service via a crafted patch file. NOTE: this issue exists because of an incomplete fix for CVE-2018-6952.
Gnu Patch
1 Github repository
7.5
CVSSv3
CVE-2018-6952
A double free exists in the another_hunk function in pch.c in GNU patch up to and including 2.7.6.
Gnu Patch
1 Github repository
5.5
CVSSv3
CVE-2016-10713
An issue exists in GNU patch prior to 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file.
Gnu Patch
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »