Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Systemd ProjectSystemd

17 matches found

CVE
CVEadded 2021/07/20 7:15 p.m.441 views

CVE-2021-33910

basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.

5.5CVSS5.8AI score0.00094EPSS
CVE
CVEadded 2020/01/21 6:15 a.m.407 views

CVE-2019-20386

An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.

5.1CVSS5.1AI score0.00082EPSS
CVE
CVEadded 2019/03/21 4:1 p.m.404 views

CVE-2019-6454

An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message t...

5.5CVSS5.5AI score0.00154EPSS
CVE
CVEadded 2022/08/23 8:15 p.m.375 views

CVE-2021-3997

A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.

5.5CVSS5.4AI score0.00038EPSS
CVE
CVEadded 2023/01/11 3:15 p.m.315 views

CVE-2022-4415

A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.

5.5CVSS5.4AI score0.00023EPSS
CVE
CVEadded 2018/02/16 9:29 p.m.251 views

CVE-2018-1049

In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to denia...

5.9CVSS5.5AI score0.00764EPSS
CVE
CVEadded 2023/12/23 1:15 p.m.240 views

CVE-2023-7008

A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.

5.9CVSS6.1AI score0.00304EPSS
CVE
CVEadded 2023/06/13 5:15 p.m.177 views

CVE-2023-31437

An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."

5.3CVSS5.3AI score0.00128EPSS
CVE
CVEadded 2022/11/08 10:15 p.m.172 views

CVE-2022-3821

An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.

5.5CVSS5.8AI score0.00016EPSS
CVE
CVEadded 2023/06/13 5:15 p.m.149 views

CVE-2023-31439

An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security v...

5.3CVSS5.2AI score0.00094EPSS
CVE
CVEadded 2022/11/23 11:15 p.m.94 views

CVE-2022-45873

systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it in a deeply nested...

5.5CVSS5AI score0.0003EPSS
CVE
CVEadded 2013/10/28 10:55 p.m.90 views

CVE-2013-4392

systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.

5CVSS6.6AI score0.00067EPSS
CVE
CVEadded 2016/10/13 2:59 p.m.72 views

CVE-2016-7796

The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled.

5.5CVSS5.2AI score0.00385EPSS
CVE
CVEadded 2016/10/13 2:59 p.m.65 views

CVE-2016-7795

The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket.

5.5CVSS5.2AI score0.0016EPSS
CVE
CVEadded 2013/10/28 10:55 p.m.54 views

CVE-2013-4394

The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors invo...

5.9CVSS6.3AI score0.00109EPSS
CVE
CVEadded 2020/03/11 3:15 p.m.48 views

CVE-2012-1101

systemd 37-1 does not properly handle non-existent services, which causes a denial of service (failure of login procedure).

5.5CVSS5.5AI score0.00153EPSS
CVE
CVEadded 2023/06/13 5:15 p.m.37 views

CVE-2023-31438

An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."

5.3CVSS5.3AI score0.001EPSS