Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
r 3 enterprise vulnerabilities and exploits
(subscribe to this query)
NA
CVE_2022_40684
Official Writeup - Simple CTF 2.0 Created: April 23, 2024 7:50 PM Today I completed an other room on TryHackMe with a simple file-upload vulnerability which I built. I have tried for dancing around this whole CTF machine and getting a lot of walls of challenges in the end it co...
1 Github repository
9.8
CVSSv3
CVE-2023-24540
Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during exe...
Golang Go
3 Github repositories
5.5
CVSSv3
CVE-2022-1263
A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.
Linux Linux Kernel 5.18
Linux Linux Kernel
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
5.5
CVSSv3
CVE-2022-2153
A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific...
Linux Linux Kernel
Fedoraproject Fedora 36
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2022-1016
A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged atta...
Linux Linux Kernel
Linux Linux Kernel 3.13
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
2 Github repositories
7.8
CVSSv3
CVE-2022-1158
A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the...
Linux Linux Kernel
Fedoraproject Fedora 36
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
7.8
CVSSv3
CVE-2022-30594
The Linux kernel prior to 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows malicious users to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Solidfire \\& Hci Management Node -
Netapp Hci Compute Node -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp 8300 Firmware -
Netapp 8700 Firmware -
Netapp A400 Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
7.1
CVSSv3
CVE-2022-1353
A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.
Linux Linux Kernel
Linux Linux Kernel 5.17
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Redhat Enterprise Linux 8.0
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410c Firmware -
7.8
CVSSv3
CVE-2022-28893
The SUNRPC subsystem in the Linux kernel up to and including 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
Linux Linux Kernel
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Hci Compute Node Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Debian Debian Linux 11.0
5.9
CVSSv3
CVE-2021-23336
The package python/cpython from 0 and prior to 3.6.13, from 3.7.0 and prior to 3.7.10, from 3.8.0 and prior to 3.8.8, from 3.9.0 and prior to 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaki...
Python Python
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Netapp Cloud Backup -
Netapp Snapcenter -
Netapp Ontap Select Deploy Administration Utility -
Netapp Inventory Collect Tool -
Djangoproject Django
Oracle Zfs Storage Appliance 8.8
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Communications Pricing Design Center 12.0.0.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »