Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
patch vulnerabilities and exploits
(subscribe to this query)
516
VMScore
CVE-2010-4651
Directory traversal vulnerability in util.c in GNU patch 2.6.1 and previous versions allows user-assisted remote malicious users to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.
Gnu Gnu Patch
Gnu Gnu Patch 2.6
Gnu Gnu Patch 2.5
Gnu Gnu Patch 2.5.9
Gnu Gnu Patch 2.5.4
725
VMScore
CVE-2007-0257
Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial funct...
Grsecurity Grsecurity Kernel Patch 2.0.1
Grsecurity Grsecurity Kernel Patch 2.1.5
Grsecurity Grsecurity Kernel Patch 2.1.1
Grsecurity Grsecurity Kernel Patch 2.1.7
Grsecurity Grsecurity Kernel Patch 2.1.8
Grsecurity Grsecurity Kernel Patch 2.1.2
Grsecurity Grsecurity Kernel Patch 1.9.4
Grsecurity Grsecurity Kernel Patch 2.1.4
Grsecurity Grsecurity Kernel Patch 2.1.3
Grsecurity Grsecurity Kernel Patch 2.1.0
Grsecurity Grsecurity Kernel Patch 2.0.2
Grsecurity Grsecurity Kernel Patch 2.1.6
1 EDB exploit
641
VMScore
CVE-2006-0228
The RBAC functionality in grsecurity prior to 2.1.8 does not properly handle when the admin role creates a service and then exits the shell without unauthenticating, which causes the service to be restarted with the admin role still active.
Grsecurity Grsecurity Kernel Patch 2.1.1
Grsecurity Grsecurity Kernel Patch 2.1.2
Grsecurity Grsecurity Kernel Patch 2.0.1
Grsecurity Grsecurity Kernel Patch 2.0.2
Grsecurity Grsecurity Kernel Patch 2.1.0
Grsecurity Grsecurity Kernel Patch 2.1.7
Grsecurity Grsecurity Kernel Patch 2.1.3
Grsecurity Grsecurity Kernel Patch 2.1.4
Grsecurity Grsecurity Kernel Patch 2.1.5
Grsecurity Grsecurity Kernel Patch 2.1.6
668
VMScore
CVE-2004-1942
The Solaris 9 patches 113579-02 through 113579-05, and 114342-02 through 114342-05, prevent ypserv and ypxfrd from properly restricting access to secure NIS maps, which allows local users to use ypcat or ypmatch to extract the contents of a secure map such as passwd.adjunct.bynam...
Sun Patch Manager 113579-04
Sun Patch Manager 113579-05
Sun Patch Manager 113579-02
Sun Patch Manager 113579-03
Sun Patch Manager 114342-02
Sun Patch Manager 114342-03
Sun Patch Manager 114342-04
Sun Patch Manager 114342-05
409
VMScore
CVE-2008-1940
The RBAC functionality in grsecurity prior to 2.1.11-2.6.24.5 and 2.1.11-2.4.36.2 does not enforce user_transition_deny and user_transition_allow rules for the (1) sys_setfsuid and (2) sys_setfsgid calls, which allows local users to bypass restrictions for those calls.
Grsecurity Grsecurity Kernel Patch 2.6.24.4
Grsecurity Grsecurity Kernel Patch 2.4.33
Grsecurity Grsecurity Kernel Patch 2.4.33.2
Grsecurity Grsecurity Kernel Patch 2.4.33.3
Grsecurity Grsecurity Kernel Patch 2.4.33.4
Grsecurity Grsecurity Kernel Patch 2.4.34
Grsecurity Grsecurity Kernel Patch 2.6.18
445
VMScore
CVE-2020-8268
Prototype pollution vulnerability in json8-merge-patch npm package < 1.0.3 may allow malicious users to inject or modify methods and properties of the global object constructor.
Json8-merge-patch Project Json8-merge-patch
668
VMScore
CVE-2021-41833
Zoho ManageEngine Patch Connect Plus prior to 90099 is vulnerable to unauthenticated remote code execution.
Zohocorp Manageengine Patch Connect Plus
Zohocorp Manageengine Patch Connect Plus 9.0.0
516
VMScore
CVE-2019-13636
In GNU patch up to and including 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.
Gnu Patch
1 Github repository
828
VMScore
CVE-2018-20969
do_ed_script in pch.c in GNU patch up to and including 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.
Gnu Patch
1 Github repository
383
VMScore
CVE-2016-10713
An issue exists in GNU patch prior to 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file.
Gnu Patch
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »