Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
systemd vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2022-0543
It exists, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.
Redis Redis -
1 Metasploit module
10 Github repositories
10
CVSSv2
CVE-2022-22704
The zabbix-agent2 package prior to 5.4.9-r1 for Alpine Linux sometimes allows privilege escalation to root because the design incorrectly expected that systemd would (in effect) determine part of the configuration.
Zabbix Zabbix-agent2
Zabbix Zabbix-agent2 5.4.9
10
CVSSv2
CVE-2019-14514
An issue exists in Microvirt MEmu all versions before 7.0.2. A guest Android operating system inside the MEmu emulator contains a /system/bin/systemd binary that is run with root privileges on startup (this is unrelated to Red Hat's systemd init program, and is a closed-sour...
Microvirt Memu
1 Github repository
10
CVSSv2
CVE-2017-1000082
systemd v233 and previous versions fails to safely parse usernames starting with a numeric digit (e.g. "0day"), running the service in question with root privileges rather than the user intended.
Systemd Project Systemd
2 Github repositories
9.3
CVSSv2
CVE-2017-0143
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote malicious users to execute arbitrary code v...
Microsoft Server Message Block 1.0
4 EDB exploits
1 Nmap script
39 Github repositories
5 Articles
7.5
CVSSv2
CVE-2021-40084
opensysusers up to and including 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers (a program with the same specification) does not do that.
Artixlinux Opensysusers
7.5
CVSSv2
CVE-2018-21029
systemd 239 through 245 accepts any certificate signed by a trusted certificate authority for DNS Over TLS. Server Name Indication (SNI) is not sent, and there is no hostname validation with the GnuTLS backend. NOTE: This has been disputed by the developer as not a vulnerability ...
Systemd Project Systemd
Fedoraproject Fedora 31
7.5
CVSSv2
CVE-2015-7510
Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd.
Systemd Project Systemd 223
7.5
CVSSv2
CVE-2013-4391
Integer overflow in the valid_user_field function in journal/journald-native.c in systemd allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow.
Systemd Project Systemd
Debian Debian Linux 7.0
7.2
CVSSv2
CVE-2022-21944
A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman of openSUSE Backports SLE-15-SP3, Factory allows local malicious users to escalate to root. This issue affects: openSUSE Backports SLE-15-SP3 watchman versions before 4.9.0. openSUSE F...
Opensuse Factory Watchman
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »