Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
selinux vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2020-10731
A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. This flaw causes sVirt, an important isolation mechanism, to be disabled for all running virtual machines.
Redhat Openstack Platform 15.0
Redhat Openstack Platform 16.0
Redhat Openstack Platform 16.1
1 Article
2.1
CVSSv2
CVE-2020-27056
In SELinux policies of mls, there is a missing permission check. This could lead to local information disclosure of package metadata with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-1...
Google Android 11.0
7.5
CVSSv2
CVE-2022-23132
During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permissions check on the file system level
Zabbix Zabbix 6.0.0
Zabbix Zabbix
Fedoraproject Fedora 34
Fedoraproject Fedora 35
6.5
CVSSv2
CVE-2012-3462
A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.
Fedoraproject Sssd 1.9.0
4.4
CVSSv2
CVE-2009-1184
The selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel prior to 2.6.27.22, and 2.6.28.x prior to 2.6.28.10, when compat_net is enabled, omits calls to avc_has_perm for the (1) node and (2) port, which allows loca...
Linux Linux Kernel 2.6.27.12
Linux Linux Kernel 2.6.20.6
Linux Linux Kernel 2.6.25.4
Linux Linux Kernel 2.6.25.11
Linux Linux Kernel 2.6.28
Linux Linux Kernel 2.6.20.9
Linux Linux Kernel 2.6.26
Linux Linux Kernel 2.6.18
Linux Linux Kernel 2.6.11
Linux Linux Kernel 2.6.25.9
Linux Linux Kernel 2.6.23.4
Linux Linux Kernel 2.6.22.15
Linux Linux Kernel 2.6.16.16
Linux Linux Kernel 2.6.18.7
Linux Linux Kernel 2.6.17.12
Linux Linux Kernel 2.6.16.39
Linux Linux Kernel 2.6.27.3
Linux Linux Kernel 2.6.21
Linux Linux Kernel 2.6.16.9
Linux Linux Kernel 2.6.17.9
Linux Linux Kernel 2.6.11.2
Linux Linux Kernel 2.6.27.1
4.6
CVSSv2
CVE-2018-9488
In the SELinux permissions of crash_dump.te, there is a permissions bypass due to a missing restriction. This could lead to a local escalation of privilege, with System privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Andr...
Google Android 8.1
Google Android 9.0
Google Android 8.0
1 EDB exploit
2.1
CVSSv2
CVE-2022-31622
MariaDB Server prior to 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (pthread_create returns a nonzero value) while executing the method create_worker_threads, the held lock is not released correctly, which allows local users ...
Mariadb Mariadb
2.1
CVSSv2
CVE-2022-31623
MariaDB Server prior to 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (i.e., going to the err label) while executing the method create_worker_threads, the held lock thd->ctrl_mutex is not released correctly, which allows loc...
Mariadb Mariadb
NA
CVE-2024-35904
In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kern_mount() fails and returns an error pointer return in the error branch instead of continuing and dereferencing the error pointer. While on it ...
NA
CVE-2022-20340
In SELinux policy, there is a possible way of inferring which websites are being opened in the browser due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitatio...
Google Android 13.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »