Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat enterprise linux as 4 vulnerabilities and exploits
(subscribe to this query)
6.6
CVSSv3
CVE-2024-0607
A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. On each iteration, 8 bytes are written, but `dst` is an array of u32, so each element only has...
Linux Linux Kernel 6.7
Linux Linux Kernel
Fedoraproject Fedora 39
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
5.9
CVSSv3
CVE-2023-48795
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH prior to 9.6 and other products, allows remote malicious users to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may conseque...
Openbsd Openssh
Putty Putty
Filezilla-project Filezilla Client
Microsoft Powershell
Panic Transmit 5
Panic Nova
Roumenpetrov Pkixssh
Winscp Winscp
Bitvise Ssh Client
Bitvise Ssh Server
Lancom-systems Lcos
Lancom-systems Lcos Fx -
Lancom-systems Lcos Lx -
Lancom-systems Lcos Sx 5.20
Lancom-systems Lcos Sx 4.20
Lancom-systems Lanconfig -
Vandyke Securecrt
Libssh Libssh
Net-ssh Net-ssh 7.2.0
Ssh2 Project Ssh2
Proftpd Proftpd
Freebsd Freebsd
8 Github repositories
1 Article
7.5
CVSSv3
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
34 Github repositories
2 Articles
5.9
CVSSv3
CVE-2023-4806
A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hoo...
Gnu Glibc 2.33
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Eus 8.8
Redhat Enterprise Linux Server Aus 9.2
Redhat Enterprise Linux Eus 9.2
Redhat Enterprise Linux For Power Little Endian 9.2 Ppc64le
Redhat Enterprise Linux For Power Little Endian Eus 9.2 Ppc64le
Redhat Enterprise Linux For Ibm Z Systems S390x 9.2
Redhat Enterprise Linux For Ibm Z Systems Eus S390x 9.2
Redhat Enterprise Linux Tus 8.8
Redhat Codeready Linux Builder For Arm64 Eus 9.2 Aarch64
Redhat Codeready Linux Builder For Ibm Z Systems Eus 9.2 S390x
Redhat Codeready Linux Builder Eus For Power Little Endian 9.0 Ppc64le
Redhat Codeready Linux Builder For Ibm Z Systems 9.0 S390x
Redhat Codeready Linux Builder For Arm64 9.0 Aarch64
Redhat Codeready Linux Builder Eus For Power Little Endian Eus 9.2 Ppc64le
Redhat Codeready Linux Builder Eus 9.2
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 9.2 Ppc64le
Redhat Enterprise Linux For Arm 64 Eus 9.2 Aarch64
Redhat Enterprise Linux For Arm 64 9.0 Aarch64
6.5
CVSSv3
CVE-2022-40982
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Redhat Enterprise Linux 7.0
Xen Xen -
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Intel Microcode
Intel Xeon E-2314 Firmware -
Intel Xeon E-2324g Firmware -
Intel Xeon E-2334 Firmware -
Intel Xeon E-2374g Firmware -
Intel Xeon E-2336 Firmware -
Intel Xeon E-2356g Firmware -
Intel Xeon E-2386g Firmware -
Intel Xeon E-2378 Firmware -
Intel Xeon E-2378g Firmware -
Intel Xeon E-2388g Firmware -
Intel Xeon W-1350 Firmware -
Intel Xeon W-1350p Firmware -
Intel Xeon W-1370 Firmware -
Intel Xeon W-1370p Firmware -
Intel Xeon W-1390t Firmware -
Intel Xeon W-1390 Firmware -
2 Github repositories
2 Articles
4.4
CVSSv3
CVE-2023-3772
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denia...
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux For Real Time 8.0
Redhat Enterprise Linux For Real Time For Nfv 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora -
Linux Linux Kernel -
Debian Debian Linux 10.0
Debian Debian Linux 12.0
4.4
CVSSv3
CVE-2023-3212
A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this f...
Linux Linux Kernel
Linux Linux Kernel 6.4
Fedoraproject Fedora 38
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
5.3
CVSSv3
CVE-2021-4189
A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an malicious user to set up a malicious FTP server that can tric...
Python Python
Python Python 3.10.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Netapp Ontap Select Deploy Administration Utility -
6.5
CVSSv3
CVE-2021-4209
A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.
Gnu Gnutls
Redhat Enterprise Linux 8.0
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Hci Bootstrap Os -
6.5
CVSSv3
CVE-2021-3733
There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specia...
Python Python
Python Python 3.10.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems Eus 8.4
Redhat Enterprise Linux For Ibm Z Systems 8.0
Redhat Enterprise Linux For Power Little Endian Eus 8.4
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.4
Redhat Codeready Linux Builder For Ibm Z Systems 8.0
Redhat Codeready Linux Builder For Power Little Endian 8.0
Redhat Codeready Linux Builder 8.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Extra Packages For Enterprise Linux 7.0
Netapp Ontap Select Deploy Administration Utility -
Netapp Hci Compute Node Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »