Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
shadow project shadow vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2012-5390
The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 up to and including 7.7.6, 7.8.0 prior to 7.8.5, and 7.9.0 does no properly check privileges, which allows remote malicious users to gain privileges via a crafted standard universe job.
Condor Project Condor 7.9.0
Condor Project Condor 7.8.0
Condor Project Condor 7.8.2
Condor Project Condor 7.8.4
Condor Project Condor 7.8.1
Condor Project Condor 7.8.3
Condor Project Condor 7.7.3
Condor Project Condor 7.7.4
Condor Project Condor 7.7.5
Condor Project Condor 7.7.6
668
VMScore
CVE-2017-12424
In shadow prior to 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege bound...
Shadow Project Shadow
Debian Debian Linux 9.0
668
VMScore
CVE-2005-4534
The shadow database feature (syncshadowdb) in Bugzilla 2.9 up to and including 2.16.10 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Mozilla Bugzilla 2.12
Mozilla Bugzilla 2.14
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.16.10
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.16.9
Mozilla Bugzilla 2.14.3
Mozilla Bugzilla 2.14.4
Mozilla Bugzilla 2.16.4
Mozilla Bugzilla 2.16.5
Mozilla Bugzilla 2.14.1
Mozilla Bugzilla 2.14.2
Mozilla Bugzilla 2.16.2
Mozilla Bugzilla 2.16.3
Mozilla Bugzilla 2.9
Mozilla Bugzilla 2.10
Mozilla Bugzilla 2.14.5
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.7
642
VMScore
CVE-2005-4890
There is a possible tty hijacking in shadow 4.x prior to 4.1.5 and sudo 1.x prior to 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next proces...
Debian Shadow
Sudo Project Sudo
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux 5
Redhat Enterprise Linux 4
Redhat Enterprise Linux 6.0
2 Github repositories
642
VMScore
CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 prior to 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote malicious users to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrat...
Openssl Openssl
Filezilla-project Filezilla Server
Siemens Application Processing Engine Firmware 2.0
Siemens Cp 1543-1 Firmware 1.1
Siemens Simatic S7-1500 Firmware 1.5
Siemens Simatic S7-1500t Firmware 1.5
Siemens Elan-8.2
Siemens Wincc Open Architecture 3.12
Intellian V100 Firmware 1.20
Intellian V100 Firmware 1.21
Intellian V100 Firmware 1.24
Intellian V60 Firmware 1.15
Intellian V60 Firmware 1.25
Mitel Micollab 6.0
Mitel Micollab 7.0
Mitel Micollab 7.1
Mitel Micollab 7.2
Mitel Micollab 7.3.0.104
Mitel Micollab 7.3
Mitel Mivoice 1.1.3.3
Mitel Mivoice 1.2.0.11
Mitel Mivoice 1.3.2.2
4 EDB exploits
2 Nmap scripts
308 Github repositories
4 Articles
641
VMScore
CVE-2016-3960
Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping.
Xen Xen -
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Fedoraproject Fedora 22
Oracle Vm Server 3.4
Oracle Vm Server 3.3
Oracle Vm Server 3.2
615
VMScore
CVE-2019-19882
shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing -...
Shadow Project Shadow 4.8
447
VMScore
CVE-2018-7169
An issue exists in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an malicious user to remove themselves from a supplementary group, which may allow access to certain ...
Shadow Project Shadow 4.5
445
VMScore
CVE-2021-45043
HD-Network Real-time Monitoring System 2.0 allows ../ directory traversal to read /etc/shadow via the /language/lang s_Language parameter.
Hd-network Real-time Monitoring System Project Hd-network Real-time Monitoring System 2.0
1 Github repository
409
VMScore
CVE-2016-6252
Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap.
Shadow Project Shadow 4.2.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »