CVE history

Thats the list of vulnerabilities that I discovered the past 25+ years. It only contains issues that were allowed to be published. Some of the discoveries even predate the now de-facto standard of assigning CVEs and are therefore only referenced by advisory IDs. For some issues I did not even bother to ask MITRE for CVE assignment, as I did the discovery just for fun and CVE assignment was not a requirement in any company process.

(Selected issues) contain clickable URLs for reference.

• SuSE-SA:2001:022 (xinetd)

• SuSE-SA:2001:033 lpd

• SuSE-SA:2002:030 ipppd LPE

• SuSE-SA:2002:034 Heimdal Kerberos

• SuSE-SA:2002:041 Mailtools

• SuSE-SA:2002:047 openldap

• CVE-2000-0703 (suidperl LPE)

• CVE-2000-1095 (modprobe LPE)

• CVE-2001-0559 SuSE-SA:2001:17 crontab LPE

• CVE-2002-0043 (SuSE-SA:2002:002 sudo LPE)

• CVE-2002-0048 (SuSE-SA:2002:004 rsync RCE)

• CVE-2002-1364 SuSE-SA:2002:043 traceroute LPE

• CVE-2002-0824 (pppd LPE)

• CVE-2008-2936 postfix LPE

• CVE-2008-5517 gitweb RCE

• CVE-2009-1185 udev LPE

• CVE-2009-1186 udev crash

• CVE-2010-NONE (android jailbreak Exploid)

• CVE-2010-0746 DevKit

• CVE-2010-1937 sblim-sfcb

• CVE-2010-2054 sblim-sfcb

• CVE-2010-0436 kdm

• CVE-2010-3435 pam_env

• CVE-2010-4661 udisks

• CVE-2011-0727 gdm

• CVE-2011-0996 ISC dhcp

• CVE-2011-2709 gssapi getenv()

• CVE-2011-0997 (dhcp RCE)

• CVE-2011-0465 (xorg-x11 RCE)

• CVE-2011-NONE (android jailbreak RageAgainstTheCage)

• CVE-2011-NONE (android jailbreak Zimperlich)

• CVE-2011-1149 (android jailbreak KillingInTheNameOf)

• CVE-2011-1823 (android jailbreak GingerBreak)

• CVE-2011-1946 libgnomesu

• CVE-2011-4122 openpam

• CVE-2011-2697 cups foomatic perl script

• CVE-2011-2964 cups foomatic C binary

• CVE-2012-0871 systemd

• CVE-2012-2095 wicd

• CVE-2012-2320 connman netlink

• CVE-2012-2321 connman hostname

• CVE-2012-2322 connman dhcpv6 DoS

• CVE-2012-2669 hyper-v daemon

• CVE-2012-3409 ecryptfs mount.ecryptfs_private

• CVE-2012-4406 openstack pickle deserialization

• CVE-2012-3524 libdbus autolaunch LPE

• CVE-2012-4425 spice-gtk/libgio

• CVE-2013-0292 dbus-glib pam_fprintd LPE

• CVE-2013-1858 (kernel CLONE_NEWUSER|CLONE_FS LPE)

• CVE-2013-4288 polkit

• CVE-2013-4311 libvirt polkit usage

• CVE-2013-4324 spice-gtk: use of insecure polkit libgobject-1 API

• CVE-2013-4325 hplip: use of insecure polkit DBUS API

• CVE-2013-4326 rtkit: use of insecure polkit DBUS API

• CVE-2013-4327 systemd: use of insecure polkit DBUS API

• CVE-2013-4400 libvirtd: virt-login-shell

• CVE-2014-1236 graphviz stack overflow in chkNum()

• CVE-2014-2583 pam_timestamp

• CVE-2014-2707 (cups-browsed RCE)

• CVE-2014-2830 cifskey sprintf()

• CVE-2014-5033 KAuth polkit LPE

• CVE-2014-6270 squid snmp

• CVE-2014-7141 squid icmp

• CVE-2014-7142 squid icmp

• CVE-2014-3675 shim

• CVE-2014-3676 shim RCE

• CVE-2014-3677 shim

• CVE-2014-9114 blkid

• CVE-2014-9297 (ntp)

• CVE-2014-9750 (ntp)

• CVE-2014-9751 (ntp)

• CVE-2015-1815 (setroubleshootd LPE)

• CVE-2015-2704 realmd \r

• CVE-2015-8612 (blueman LPE)

• CVE-2016-1866 salt minion RCE

• CVE-2016-4989 setroubleshootd#2 LPE

• CVE-2016-6251 shadow getlogin

• CVE-2016-6252 shadow int wrap

• CVE-2016-8659 bubblewrap PR_SET_DUMPABLE LPE

• CVE-2017-5180 firejail symlink LPE

• CVE-2017-5940 firejail incomplete symlink fix LPE

• CVE-2016-10156 (systemd LPE)

• CVE-2017-7572 backintime

• CVE-2017-8422 (KDE KAuth LPE)

• CVE-2017-8849 (KDE smb4k LPE)

• CVE-2021-29133 haserl

• CVE-2021-NONE BananaPi ffmpeg bugdoor LPE

• CVE-2021-NONE (Armbian 80-update-htop-and-offload-tx LPE)

• CVE-2021-NONE Tinkerboard gpio LPE

• CVE-2023-NONE (Manjaro Linux pamac LPE)

• CVE-2024-NONE (MX Linux udevil LPE)