Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
patch vulnerabilities and exploits
(subscribe to this query)
516
VMScore
CVE-2010-4651
Directory traversal vulnerability in util.c in GNU patch 2.6.1 and previous versions allows user-assisted remote malicious users to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.
Gnu Gnu Patch
Gnu Gnu Patch 2.6
Gnu Gnu Patch 2.5
Gnu Gnu Patch 2.5.9
Gnu Gnu Patch 2.5.4
725
VMScore
CVE-2007-0257
Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial funct...
Grsecurity Grsecurity Kernel Patch 2.0.1
Grsecurity Grsecurity Kernel Patch 2.1.5
Grsecurity Grsecurity Kernel Patch 2.1.1
Grsecurity Grsecurity Kernel Patch 2.1.7
Grsecurity Grsecurity Kernel Patch 2.1.8
Grsecurity Grsecurity Kernel Patch 2.1.2
Grsecurity Grsecurity Kernel Patch 1.9.4
Grsecurity Grsecurity Kernel Patch 2.1.4
Grsecurity Grsecurity Kernel Patch 2.1.3
Grsecurity Grsecurity Kernel Patch 2.1.0
Grsecurity Grsecurity Kernel Patch 2.0.2
Grsecurity Grsecurity Kernel Patch 2.1.6
1 EDB exploit
641
VMScore
CVE-2006-0228
The RBAC functionality in grsecurity prior to 2.1.8 does not properly handle when the admin role creates a service and then exits the shell without unauthenticating, which causes the service to be restarted with the admin role still active.
Grsecurity Grsecurity Kernel Patch 2.1.1
Grsecurity Grsecurity Kernel Patch 2.1.2
Grsecurity Grsecurity Kernel Patch 2.0.1
Grsecurity Grsecurity Kernel Patch 2.0.2
Grsecurity Grsecurity Kernel Patch 2.1.0
Grsecurity Grsecurity Kernel Patch 2.1.7
Grsecurity Grsecurity Kernel Patch 2.1.3
Grsecurity Grsecurity Kernel Patch 2.1.4
Grsecurity Grsecurity Kernel Patch 2.1.5
Grsecurity Grsecurity Kernel Patch 2.1.6
668
VMScore
CVE-2004-1942
The Solaris 9 patches 113579-02 through 113579-05, and 114342-02 through 114342-05, prevent ypserv and ypxfrd from properly restricting access to secure NIS maps, which allows local users to use ypcat or ypmatch to extract the contents of a secure map such as passwd.adjunct.bynam...
Sun Patch Manager 113579-04
Sun Patch Manager 113579-05
Sun Patch Manager 113579-02
Sun Patch Manager 113579-03
Sun Patch Manager 114342-02
Sun Patch Manager 114342-03
Sun Patch Manager 114342-04
Sun Patch Manager 114342-05
409
VMScore
CVE-2008-1940
The RBAC functionality in grsecurity prior to 2.1.11-2.6.24.5 and 2.1.11-2.4.36.2 does not enforce user_transition_deny and user_transition_allow rules for the (1) sys_setfsuid and (2) sys_setfsgid calls, which allows local users to bypass restrictions for those calls.
Grsecurity Grsecurity Kernel Patch 2.6.24.4
Grsecurity Grsecurity Kernel Patch 2.4.33
Grsecurity Grsecurity Kernel Patch 2.4.33.2
Grsecurity Grsecurity Kernel Patch 2.4.33.3
Grsecurity Grsecurity Kernel Patch 2.4.33.4
Grsecurity Grsecurity Kernel Patch 2.4.34
Grsecurity Grsecurity Kernel Patch 2.6.18
445
VMScore
CVE-2020-8268
Prototype pollution vulnerability in json8-merge-patch npm package < 1.0.3 may allow malicious users to inject or modify methods and properties of the global object constructor.
Json8-merge-patch Project Json8-merge-patch
668
VMScore
CVE-2021-41833
Zoho ManageEngine Patch Connect Plus prior to 90099 is vulnerable to unauthenticated remote code execution.
Zohocorp Manageengine Patch Connect Plus
Zohocorp Manageengine Patch Connect Plus 9.0.0
828
VMScore
CVE-2018-20969
do_ed_script in pch.c in GNU patch up to and including 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.
Gnu Patch
1 Github repository
383
VMScore
CVE-2019-20633
GNU patch up to and including 2.7.6 contains a free(p_line[p_end]) Double Free vulnerability in the function another_hunk in pch.c that can cause a denial of service via a crafted patch file. NOTE: this issue exists because of an incomplete fix for CVE-2018-6952.
Gnu Patch
1 Github repository
383
VMScore
CVE-2016-10713
An issue exists in GNU patch prior to 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file.
Gnu Patch
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »