Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

redhat virtualization host 4.0 vulnerabilities and exploits

(subscribe to this query)

6.5
CVSSv3
CVE-2018-1114
It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak....
Redhat Undertow -Redhat Virtualization Host 4.0Redhat Virtualization 4.2Redhat Virtualization 4.0
6.5
CVSSv3
CVE-2018-14660
A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote, authenticated attacker could use this flaw to create multiple locks for single inode by using setxattr repetitively resulting in memory...
Gluster GlusterfsRedhat Virtualization Host 4.0Redhat Enterprise Linux Server 6.0Redhat Enterprise Linux Server 7.0Redhat Virtualization 4.0Redhat Virtualization Host 4.0Debian Debian Linux 9.0
8.1
CVSSv3
CVE-2018-1088
A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink....
Redhat Enterprise Linux Server 6.0Redhat Gluster StorageRedhat Virtualization Host 4.0Redhat Virtualization 4.0Redhat Enterprise Linux Server 7.0Opensuse Leap 15.1Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2018-10874
In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result....
Redhat Ansible Engine 2.0Redhat Openstack 12Redhat Virtualization 4.0Redhat Ansible Engine 2.4Redhat Ansible Engine 2.5Redhat Ansible Engine 2.6Redhat Openstack 10Redhat Openstack 13Redhat Virtualization Host 4.0
5.5
CVSSv3
CVE-2021-3620
A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality....
Redhat Ansible Automation Platform Early Access 2.0Redhat Ansible EngineRedhat Openstack 1Redhat Openstack 16.1Redhat Virtualization 4.0Redhat Virtualization For Ibm Power Little Endian 4.0Redhat Virtualization Host 4.0Redhat Virtualization Manager 4.4Redhat Enterprise Linux 8.0Redhat Enterprise Linux For Power Little Endian 8.0
6.5
CVSSv3
CVE-2018-14652
The Gluster file system through versions 3.12 and 4.1.4 is vulnerable to a buffer overflow in the 'features/index' translator via the code handling the 'GF_XATTR_CLRLK_CMD' xattr in the 'pl_getxattr' function. A remote authenticated attacker could...
Redhat Gluster StorageDebian Debian Linux 8.0Debian Debian Linux 9.0Redhat Enterprise Virtualization Host 4.0Redhat Enterprise Linux Server 6.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux Virtualization 4.0
7.8
CVSSv3
CVE-2021-3578
A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. This could be plausibly...
Mbsync Project MysyncMbsync Project Mysync 1.4.0Mbsync Project Mysync 1.4.1Redhat Openshift Container Platform 4.7Redhat Virtualization 4.0Redhat Virtualization Host 4.0Redhat Enterprise Linux 7.0Fedoraproject Fedora 33Fedoraproject Fedora 34
5.5
CVSSv3
CVE-2018-10322
The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image....
Linux Linux KernelRedhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux Workstation 7.0Redhat Virtualization Host 4.0
7.8
CVSSv3
CVE-2018-5848
In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ie_len' argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD...
Google Android -Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux Workstation 7.0Redhat Virtualization Host 4.0Debian Debian Linux 8.0
8.8
CVSSv3
CVE-2018-10858
A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable....
Debian Debian Linux 9.0Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 16.04Samba SambaRedhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Server 7.0Redhat Virtualization 4.0Redhat Enterprise Linux Workstation 7.0Redhat Virtualization Host 4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-29214CVE-2022-29432CVE-2022-1388LFICVE-2022-1813SSRFCVE-2022-20821CVE-2021-41834XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook