Vulmon Recent Vulnerabilities Trends About Contact

privilege vulnerabilities and exploits

(subscribe to this query)

10
CVSSv2
CVE-2019-7304
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1....
CanonicalSnapdUbuntu Linux
7.2
CVSSv2
CVE-2019-0211
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent...
ApacheHttp ServerCanonicalUbuntu LinuxDebianDebian LinuxFedoraprojectFedoraOpensuseLeap
7.5
CVSSv2
CVE-2018-11792
In Apache Impala before 3.0.1, ALTER TABLE/VIEW RENAME required ALTER on the old table. This may pose a potential security risk, such as having ALTER on a table and ALL on a particular database allows a user to move the table to a database with ALL, which will automatically...
ApacheImpala
5
CVSSv2
CVE-2018-1125
procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise Linux and Fedora), the impact is...
Procps-ng ProjectProcps-ngCanonicalUbuntu LinuxDebianDebian Linux
4.3
CVSSv2
CVE-2018-1121
procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's proc_pid_readdir() returns PID entries in ascending numeric order, a process occupying a high PID can use inotify events to determine when the process list is being scanned, and...
Procps ProjectProcps
4.4
CVSSv2
CVE-2018-1122
procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file()...
Procps-ng ProjectProcps-ngCanonicalUbuntu LinuxDebianDebian Linux
5
CVSSv2
CVE-2018-1123
procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service)....
Procps-ng ProjectProcps-ngCanonicalUbuntu LinuxDebianDebian Linux
4.6
CVSSv2
CVE-2018-1124
procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or...
CanonicalUbuntu LinuxDebianDebian LinuxRedhatEnterprise LinuxEnterprise Linux DesktopEnterprise Linux ServerEnterprise Linux Workstation
7.5
CVSSv2
CVE-2018-1126
procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124....
CanonicalUbuntu LinuxDebianDebian LinuxRedhatEnterprise LinuxEnterprise Linux DesktopEnterprise Linux ServerEnterprise Linux Server AusEnterprise Linux Server TusEnterprise Linux Workstation
4.4
CVSSv2
CVE-2020-4352
IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when running in restricted mode. IBM X-Force ID: 178427....
IbmMq For Hpe Nonstop
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-15469CVE-2020-5902CVE-2020-14947cameraCVE-2020-2203NULL pointer dereferenceCVE-2020-6089logic flawprestashopCVE-2020-15523