Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unix unix vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2022-23992
XCOM Data Transport for Windows, Linux, and UNIX 11.6 releases contain a vulnerability due to insufficient input validation that could potentially allow remote malicious users to execute arbitrary commands with elevated privileges.
Broadcom Xcom Data Transport 11.6
10
CVSSv2
CVE-2020-5902
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Ssl Orchestrator
1 Metasploit module
90 Github repositories
6 Articles
10
CVSSv2
CVE-2019-18780
An arbitrary command injection vulnerability in the Cluster Server component of Veritas InfoScale allows an unauthenticated remote malicious user to execute arbitrary commands as root or administrator. These Veritas products are affected: Access 7.4.2 and previous versions, Acces...
Veritas Access
Veritas Access Appliance
Veritas Flex Appliance
Veritas Infoscale
Veritas Cluster Server
Veritas Storage Foundation Ha
10
CVSSv2
CVE-2019-15846
Exim prior to 4.92.2 allows remote malicious users to execute arbitrary code as root via a trailing backslash.
Exim Exim
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5 Github repositories
2 Articles
10
CVSSv2
CVE-2019-7304
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an malicious user to run arbitrary commands as root. This issue affects: Canonical snapd versions before 2.37.1.
Canonical Snapd
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
2 EDB exploits
8 Github repositories
1 Article
10
CVSSv2
CVE-2017-7494
Samba since version 3.5.0 and prior to 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
Samba Samba
Debian Debian Linux 8.0
2 EDB exploits
2 Nmap scripts
129 Github repositories
3 Articles
10
CVSSv2
CVE-2017-9232
Juju prior to 1.25.12, 2.0.x prior to 2.0.4, and 2.1.x prior to 2.1.3 uses a UNIX domain socket without setting appropriate permissions, allowing privilege escalation by users on the system to root.
Canonical Juju 2.1.0
Canonical Juju 2.0.0
Canonical Juju
Canonical Juju 2.1.1
Canonical Juju 2.0.2
Canonical Juju 2.0.1
Canonical Juju 2.1.2
Canonical Juju 2.0.3
1 EDB exploit
10
CVSSv2
CVE-2017-6553
Buffer Overflow in Quest One Identity Privilege Manager for Unix prior to 6.0.0.061 allows remote malicious users to obtain full access to the policy server via an ACT_ALERT_EVENT request that causes memory corruption in the pmmasterd daemon.
Quest Privilege Manager For Unix
1 EDB exploit
10
CVSSv2
CVE-2016-10307
Trango ApexLynx 2.0, ApexOrion 2.0, GigaLynx 2.0, GigaOrion 2.0, and StrataLink 3.0 devices have a built-in, hidden root account, with a default password for which the MD5 hash value is public (but the cleartext value is perhaps not yet public). This account is accessible via SSH...
Gotrango Apex Lynx Firmware 2.0
Gotrango Apex Orion Firmware 2.0
Gotrango Giga Lynx Firmware 2.0
Gotrango Giga Orion Firmware 2.0
Gotrango Stratalink Firmware
10
CVSSv2
CVE-2016-10306
Trango Altum AC600 devices have a built-in, hidden root account, with a default password of abcd1234. This account is accessible via SSH and/or TELNET, and grants access to the underlying embedded UNIX OS on the device, allowing full control over it.
Trango A600 Firmware -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »