This repo records all the vulnerabilities of linux software I have reproduced in my local workspace.
If the vulnerability has both CVE-ID and EDB-ID, CVE-ID is preferred as its directory name. All the vulnerable source code packages are stored in source-packages
| Image Name | username | password |
|---|---|---|
| Ubuntu 8.10 | exploit | exploit |
| Ubuntu 10.04LTS | exploit | exploit |
| CentOS 6.5 | core | core |
| CentOS 5.5 | core | core |
| Ubuntu 11.04 | dzm77 | dzm77 |
| Ubuntu 12.04 | ubuntu | ubuntu |
| Fedora | fedora | fedora |
| OpenSUSE | core | core |
| Ubuntu 14.04_core | core | core |
| Kali | root | kali |
For details of vulnerabilities(in which virtual machine, what is the reproduction workspace, etc.), please refer to virtualmachine.csv
If you encounter problems with keyword "Failed to lock files", you could try to delete any .lck or .lock files or folders in the directory of the problematic VM.
- CVE-2001-0144
- CVE-2001-0550
- CVE-2002-0656
- CVE-2002-1496
- CVE-2002-1896
- CVE-2003-0577 (Fail to reproduce)
- CVE-2004-0238
- CVE-2004-0270
- CVE-2004-0557
- CVE-2004-0597
- CVE-2004-0990
- CVE-2004-1120
- CVE-2004-1255
- CVE-2004-1256 (Fail to reproduce)
- CVE-2004-1257
- CVE-2004-1258 (Fail to reproduce)
- CVE-2004-1259 (Fail to reproduce)
- CVE-2004-1260 (Fail to reproduce)
- CVE-2004-1261
- CVE-2004-1262
- CVE-2004-1265
- CVE-2004-1266 (Fail to reproduce)
- CVE-2004-1271
- CVE-2004-1272 (Fail to reproduce)
- CVE-2004-1275
- CVE-2004-1278
- CVE-2004-1279
- CVE-2004-1283 (Fail to reproduce)
- CVE-2004-1287
- CVE-2004-1288
- CVE-2004-1289
- CVE-2004-1290
- CVE-2004-1292
- CVE-2004-1293
- CVE-2004-1297
- CVE-2004-1298
- CVE-2004-1299
- CVE-2004-1455 (Fail to reproduce)
- CVE-2004-2093
- CVE-2004-2167
- CVE-2005-0101
- CVE-2005-0199
- CVE-2005-1275
- CVE-2005-3120
- CVE-2005-3252
- CVE-2005-3862
- CVE-2005-4667
- CVE-2005-4807
- CVE-2006-0539
- CVE-2006-1148
- CVE-2006-1542
- CVE-2006-2025
- CVE-2006-2362
- CVE-2006-2465
- CVE-2006-2656
- CVE-2006-2971
- CVE-2006-3082
- CVE-2006-3124
- CVE-2006-3581
- CVE-2006-3582
- CVE-2006-3746
- CVE-2006-4018
- CVE-2006-4089
- CVE-2006-4144
- CVE-2006-4182
- CVE-2006-4812
- CVE-2006-5276
- CVE-2006-5295
- CVE-2006-5465
- CVE-2006-5815
- CVE-2006-6563
- CVE-2007-0368
- CVE-2007-1001
- CVE-2007-1286
- CVE-2007-1371
- CVE-2007-1383
- CVE-2007-1465
- CVE-2007-1777
- CVE-2007-1825
- CVE-2007-2052
- CVE-2007-2446
- CVE-2007-2683
- CVE-2007-2872
- CVE-2007-3473
- CVE-2007-3947
- CVE-2007-4060
- CVE-2007-4965
- CVE-2007-5301
- CVE-2007-5759
- CVE-2007-6015
- CVE-2007-6454
- CVE-2007-6697
- CVE-2007-6731
- CVE-2008-1721
- CVE-2008-1767
- CVE-2008-1801
- CVE-2008-1802
- CVE-2008-1887
- CVE-2008-2292 (Fail to reproduce)
- CVE-2008-2315
- CVE-2008-2316 (Fail to reproduce)
- CVE-2008-2950
- CVE-2008-3142
- CVE-2008-3143
- CVE-2008-3144 (Fail to reproduce)
- CVE-2008-4864
- CVE-2008-5031
- CVE-2008-5314
- CVE-2008-5904
- CVE-2009-1759
- CVE-2009-1886
- CVE-2009-2285
- CVE-2009-2286
- CVE-2009-2950
- CVE-2009-3050
- CVE-2009-3586
- CVE-2009-4134
- CVE-2009-4880
- CVE-2009-4881
- CVE-2009-5018
- CVE-2010-1147
- CVE-2010-1159
- CVE-2010-1449
- CVE-2010-1450
- CVE-2010-1634
- CVE-2010-1866
- CVE-2010-2089
- CVE-2010-2481
- CVE-2010-2482
- CVE-2010-2810
- CVE-2010-2891
- CVE-2010-2959
- CVE-2010-4221
- CVE-2010-4259
- CVE-2010-4409
- CVE-2011-0420
- CVE-2011-0708
- CVE-2011-0761
- CVE-2011-1071
- CVE-2011-1092
- CVE-2011-1137
- CVE-2011-1938
- CVE-2011-5033
- CVE-2012-0809
- CVE-2012-2386
- CVE-2012-3480
- CVE-2012-4409
- CVE-2012-4412
- CVE-2012-4424
- CVE-2012-5612
- CVE-2012-5667
- CVE-2012-5867
- CVE-2013-0221
- CVE-2013-0222
- CVE-2013-0223
- CVE-2013-0722
- CVE-2013-2028
- CVE-2013-2131
- CVE-2013-3724
- CVE-2013-4123
- CVE-2013-4243
- CVE-2013-4473
- CVE-2013-4474
- CVE-2013-4788
- CVE-2013-7226
- CVE-2013-7446
- CVE-2014-0226
- CVE-2014-0749
- CVE-2014-1912
- CVE-2014-2851
- CVE-2014-4616
- CVE-2014-6277
- CVE-2014-7185
- CVE-2014-8322
- CVE-2014-8768
- CVE-2014-9295
- CVE-2015-0235
- CVE-2015-0252
- CVE-2015-1265
- CVE-2015-3205
- CVE-2015-3890
- CVE-2015-5895
- CVE-2015-7547
- CVE-2015-7805
- CVE-2015-8396
- CVE-2015-8617
- CVE-2015-8668
- CVE-2016-0728
- CVE-2016-10092
- CVE-2016-10093
- CVE-2016-10094
- CVE-2016-10095
- CVE-2016-10251
- CVE-2016-10268
- CVE-2016-10269
- CVE-2016-10270
- CVE-2016-10271
- CVE-2016-10272
- CVE-2016-2233
- CVE-2016-2563
- CVE-2016-4557
- CVE-2016-5636
- CVE-2016-6187
- CVE-2016-6516
- CVE-2016-6832 (Fail to reproduce)
- CVE-2016-7393 (Fail to reproduce)
- CVE-2016-7445
- CVE-2016-7477 (Fail to reproduce)
- CVE-2016-8655
- CVE-2016-8676
- CVE-2016-8678
- CVE-2016-8883
- CVE-2016-8887
- CVE-2016-9560
- CVE-2016-9819
- CVE-2016-9820
- CVE-2016-9821
- CVE-2017-10688
- CVE-2017-11403
- CVE-2017-12858
- CVE-2017-12936
- CVE-2017-12937
- CVE-2017-14103
- CVE-2017-14638
- CVE-2017-14639
- CVE-2017-14640
- CVE-2017-14641
- CVE-2017-14642
- CVE-2017-14643
- CVE-2017-14644
- CVE-2017-14645
- CVE-2017-14646
- CVE-2017-15020
- CVE-2017-15938
- CVE-2017-15939
- CVE-2017-5502
- CVE-2017-5852
- CVE-2017-5853
- CVE-2017-5854
- CVE-2017-5855
- CVE-2017-5886
- CVE-2017-5974
- CVE-2017-5975
- CVE-2017-5976
- CVE-2017-5977
- CVE-2017-5978
- CVE-2017-5980
- CVE-2017-6840
- CVE-2017-6842
- CVE-2017-6843
- CVE-2017-6847
- CVE-2017-6848
- CVE-2017-6850
- CVE-2017-6852
- CVE-2017-7184
- CVE-2017-7308
- CVE-2017-7378
- CVE-2017-7379
- CVE-2017-7380
- CVE-2017-7381
- CVE-2017-7382
- CVE-2017-7383
- CVE-2017-7533
- CVE-2017-7596
- CVE-2017-7597
- CVE-2017-7598
- CVE-2017-7599
- CVE-2017-7600
- CVE-2017-7601
- CVE-2017-7602
- CVE-2017-7606
- CVE-2017-8890
- CVE-2017-9038
- CVE-2017-9147
- CVE-2017-9154
- CVE-2017-9160
- CVE-2017-9162
- CVE-2017-9163
- CVE-2017-9164
- CVE-2017-9165
- CVE-2017-9166
- CVE-2017-9167
- CVE-2017-9168
- CVE-2017-9169
- CVE-2017-9170
- CVE-2017-9171
- CVE-2017-9172
- CVE-2017-9173
- CVE-2017-9174
- CVE-2017-9177
- CVE-2017-9180
- CVE-2017-9182
- CVE-2017-9183
- CVE-2017-9184
- CVE-2017-9186
- CVE-2017-9189
- CVE-2017-9190
- CVE-2017-9191
- CVE-2017-9192
- CVE-2017-9193
- CVE-2017-9194
- CVE-2017-9195
- CVE-2017-9196
- CVE-2017-9204
- CVE-2017-9205
- CVE-2017-9206
- CVE-2017-9207
- CVE-2018-9138
- EDB-10334
- EDB-10617
- EDB-10634
- EDB-11644
- EDB-14083
- EDB-14452
- EDB-14904
- EDB-15054
- EDB-15062
- EDB-15705
- EDB-1574
- EDB-1578
- EDB-16855
- EDB-17611
- EDB-17806
- EDB-19987
- EDB-20479
- EDB-23523
- EDB-24981
- EDB-24984
- EDB-24995
- EDB-25011
- EDB-25018
- EDB-25030
- EDB-25411
- EDB-26915
- EDB-2857
- EDB-28679
- EDB-2928
- EDB-30142
- EDB-30648
- EDB-31761
- EDB-31761
- EDB-31915
- EDB-33251
- EDB-3330
- EDB-3333
- EDB-33949
- EDB-34164
- EDB-35450
- EDB-36024
- EDB-36229
- EDB-36388
- EDB-36881
- EDB-369
- EDB-37051
- EDB-3730
- EDB-374
- EDB-37546
- EDB-37743
- EDB-37777
- EDB-37975
- EDB-37987
- EDB-37988
- EDB-38597
- EDB-38616
- EDB-38617
- EDB-38681
- EDB-38685
- EDB-38857
- EDB-39285
- EDB-39406
- EDB-39502
- EDB-39673
- EDB-39692
- EDB-39733
- EDB-39734
- EDB-39747
- EDB-39764
- EDB-39800
- EDB-39810
- EDB-39842
- EDB-39875
- EDB-40023
- EDB-40025
- EDB-5424
- EDB-652
- EDB-8205
- EDB-890
- EDB-9264
-
Gentoo-Bug-70090
-
Sourceware-Bug-21877
-
Sourceware-Bug-21878
-
Sourceware-Bug-21880
-
Some vulnerabilities without CVE ID listed in Gentoo Security Blog
Please refer to Traditional Mitigation Repository to check security mitigations and how to enable/disable them.