Filtered by vendor Redhat
Subscribe
Total
5605 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-3537 | 6 Debian, Fedoraproject, Netapp and 3 more | 20 Debian Linux, Fedora, Active Iq Unified Manager and 17 more | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability. | |||||
CVE-2021-3592 | 4 Debian, Fedoraproject, Libslirp Project and 1 more | 4 Debian Linux, Fedora, Libslirp and 1 more | 2024-02-28 | 2.1 LOW | 3.8 LOW |
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use this flaw to leak 10 bytes of uninitialized heap memory from the host. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0. | |||||
CVE-2020-10742 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-02-28 | 3.6 LOW | 6.0 MEDIUM |
A flaw was found in the Linux kernel. An index buffer overflow during Direct IO write leading to the NFS client to crash. In some cases, a reach out of the index after one memory allocation by kmalloc will cause a kernel panic. The highest threat from this vulnerability is to data confidentiality and system availability. | |||||
CVE-2020-27832 | 1 Redhat | 1 Quay | 2024-02-28 | 6.0 MEDIUM | 9.0 CRITICAL |
A flaw was found in Red Hat Quay, where it has a persistent Cross-site Scripting (XSS) vulnerability when displaying a repository's notification. This flaw allows an attacker to trick a user into performing a malicious action to impersonate the target user. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | |||||
CVE-2020-27839 | 1 Redhat | 1 Ceph | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authentication is stored by the frontend application in the browser’s localStorage which is potentially vulnerable to attackers via XSS attacks. The highest threat from this vulnerability is to data confidentiality and integrity. | |||||
CVE-2021-30470 | 3 Fedoraproject, Podofo Project, Redhat | 3 Fedora, Podofo, Enterprise Linux | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray(), PdfTokenizer::GetNextVariant() and PdfTokenizer::ReadDataType() functions can lead to a stack overflow. | |||||
CVE-2020-36330 | 5 Apple, Debian, Netapp and 2 more | 6 Ipados, Iphone Os, Debian Linux and 3 more | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability. | |||||
CVE-2020-1702 | 2 Containers-image Project, Redhat | 2 Containers-image, Enterprise Linux | 2024-02-28 | 4.3 MEDIUM | 3.3 LOW |
A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using podman, or OpenShift Container Platform. An attacker can use this flaw to trick a user, with privileges to pull container images, into crashing the process responsible for pulling the image. This flaw affects containers-image versions before 5.2.0. | |||||
CVE-2018-10866 | 1 Redhat | 1 Certification | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
It was discovered that the /configuration view of redhat-certification 7 does not perform an authorization check and it allows an unauthenticated user to remove a "system" file, that is an xml file with host related information, not belonging to him. | |||||
CVE-2021-31918 | 1 Redhat | 1 Openstack | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
A flaw was found in tripleo-ansible version as shipped in Red Hat Openstack 16.1. The Ansible log file is readable to all users during stack update and creation. The highest threat from this vulnerability is to data confidentiality. | |||||
CVE-2020-14329 | 1 Redhat | 1 Ansible Tower | 2024-02-28 | 2.1 LOW | 3.3 LOW |
A data exposure flaw was found in Ansible Tower in versions before 3.7.2, where sensitive data can be exposed from the /api/v2/labels/ endpoint. This flaw allows users from other organizations in the system to retrieve any label from the organization and also disclose organization names. The highest threat from this vulnerability is to confidentiality. | |||||
CVE-2020-14327 | 1 Redhat | 1 Ansible Tower | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
A Server-side request forgery (SSRF) flaw was found in Ansible Tower in versions before 3.6.5 and before 3.7.2. Functionality on the Tower server is abused by supplying a URL that could lead to the server processing it. This flaw leads to the connection to internal services or the exposure of additional internal services by abusing the test feature of lookup credentials to forge HTTP/HTTPS requests from the server and retrieving the results of the response. | |||||
CVE-2021-3527 | 3 Debian, Qemu, Redhat | 3 Debian Linux, Qemu, Enterprise Linux | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
A flaw was found in the USB redirector device (usb-redir) of QEMU. Small USB packets are combined into a single, large transfer request, to reduce the overhead and improve performance. The combined size of the bulk transfer is used to dynamically allocate a variable length array (VLA) on the stack without proper validation. Since the total size is not bounded, a malicious guest could use this flaw to influence the array length and cause the QEMU process to perform an excessive allocation on the stack, resulting in a denial of service. | |||||
CVE-2021-3504 | 3 Debian, Fedoraproject, Redhat | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2024-02-28 | 5.8 MEDIUM | 5.4 MEDIUM |
A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivex_open function. An attacker could input a specially crafted Windows Registry (hive) file which would cause hivex to read memory beyond its normal bounds or cause the program to crash. The highest threat from this vulnerability is to system availability. | |||||
CVE-2021-20197 | 4 Broadcom, Gnu, Netapp and 1 more | 6 Brocade Fabric Operating System Firmware, Binutils, Cloud Backup and 3 more | 2024-02-28 | 3.3 LOW | 6.3 MEDIUM |
There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink. | |||||
CVE-2021-20236 | 3 Fedoraproject, Redhat, Zeromq | 4 Fedora, Ceph Storage, Enterprise Linux and 1 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | |||||
CVE-2021-32027 | 2 Postgresql, Redhat | 4 Postgresql, Enterprise Linux, Jboss Enterprise Application Platform and 1 more | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
CVE-2018-10868 | 1 Redhat | 1 Certification | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
redhat-certification 7 does not properly restrict the number of recursive definitions of entities in XML documents, allowing an unauthenticated user to run a "Billion Laugh Attack" by replying to XMLRPC methods when getting the status of an host. | |||||
CVE-2021-3570 | 4 Debian, Fedoraproject, Linuxptp Project and 1 more | 7 Debian Linux, Fedora, Linuxptp and 4 more | 2024-02-28 | 8.0 HIGH | 8.8 HIGH |
A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This flaw affects linuxptp versions before 3.1.1, before 2.0.1, before 1.9.3, before 1.8.1, before 1.7.1, before 1.6.1 and before 1.5.1. | |||||
CVE-2021-3636 | 1 Redhat | 1 Openshift | 2024-02-28 | 4.1 MEDIUM | 4.6 MEDIUM |
It was found in OpenShift, before version 4.8, that the generated certificate for the in-cluster Service CA, incorrectly included additional certificates. The Service CA is automatically mounted into all pods, allowing them to safely connect to trusted in-cluster services that present certificates signed by the trusted Service CA. The incorrect inclusion of additional CAs in this certificate would allow an attacker that compromises any of the additional CAs to masquerade as a trusted in-cluster service. |