Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat openshift container platform vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2019-7609
Kibana versions prior to 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing ...
Elastic Kibana
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
15 Github repositories
10
CVSSv3
CVE-2018-14721
FasterXML jackson-databind 2.x prior to 2.9.7 might allow remote malicious users to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.
Fasterxml Jackson-databind 2.7.0
Fasterxml Jackson-databind
Fasterxml Jackson-databind 2.8.0
Fasterxml Jackson-databind 2.9.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Primavera Unifier 16.2
Oracle Banking Platform 2.5.0
Oracle Primavera Unifier 16.1
Oracle Jdeveloper 12.1.3.0.0
Oracle Retail Merchandising System 16.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Primavera Unifier
Oracle Communications Billing And Revenue Management 7.5
Oracle Communications Billing And Revenue Management 12.0
Oracle Financial Services Analytical Applications Infrastructure 8.0.2
Oracle Financial Services Analytical Applications Infrastructure 8.0.3
Oracle Financial Services Analytical Applications Infrastructure 8.0.4
Oracle Financial Services Analytical Applications Infrastructure 8.0.5
Oracle Financial Services Analytical Applications Infrastructure 8.0.6
Oracle Financial Services Analytical Applications Infrastructure 8.0.7
Oracle Banking Platform 2.6.0
9.9
CVSSv3
CVE-2019-1003029
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and previous versions in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java th...
Jenkins Script Security
Redhat Openshift Container Platform 3.11
5 Github repositories
9.9
CVSSv3
CVE-2019-1003030
A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and previous versions in pom.xml, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShell.java that allows attackers able to control pipeline scripts to execute arbitrary code on the Jenkins mas...
Jenkins Pipeline\\ Groovy
Redhat Openshift Container Platform 3.11
1 Github repository
9.9
CVSSv3
CVE-2019-1003031
A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin 1.13 and previous versions in pom.xml, src/main/java/hudson/matrix/FilterScript.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM.
Jenkins Matrix Project
Redhat Openshift Container Platform 3.11
9.9
CVSSv3
CVE-2019-1003034
A sandbox bypass vulnerability exists in Jenkins Job DSL Plugin 1.71 and previous versions in job-dsl-core/src/main/groovy/javaposse/jobdsl/dsl/AbstractDslScriptLoader.groovy, job-dsl-plugin/build.gradle, job-dsl-plugin/src/main/groovy/javaposse/jobdsl/plugin/JobDslWhitelist.groo...
Jenkins Job Dsl
Redhat Openshift Container Platform 3.11
9.8
CVSSv3
CVE-2023-3961
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR LSA or SPOOLSS, whic...
Samba Samba
Redhat Enterprise Linux 8.0
Redhat Storage 3.0
Redhat Enterprise Linux Eus 9.0
Fedoraproject Fedora 39
9.8
CVSSv3
CVE-2023-5178
A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote c...
Linux Linux Kernel 6.6
Linux Linux Kernel
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire \\& Hci Storage Node -
1 Github repository
9.8
CVSSv3
CVE-2020-27836
A flaw was found in cluster-ingress-operator. A change to how the router-default service allows only certain IP source ranges could allow an malicious user to access resources that would otherwise be restricted to specified IP ranges. The highest threat from this vulnerability is...
Redhat Openshift Container Platform 4.6
9.8
CVSSv3
CVE-2022-25315
In Expat (aka libexpat) prior to 2.4.5, there is an integer overflow in storeRawNames.
Libexpat Project Libexpat
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Remote Connect Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »