redhat vulnerabilities and exploits

4.3
CVSSv2
CVE-2014-0026

katello-headpin is vulnerable to CSRF in REST API...

5
CVSSv2
CVE-2013-1793

openstack-utils openstack-db has insecure password creation...

4.3
CVSSv2
CVE-2014-3656

JBoss KeyCloak: XSS in login-status-iframe.html...

7.5
CVSSv2
CVE-2019-19333

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an...

2.1
CVSSv2
CVE-2013-0163

OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS...

7.5
CVSSv2
CVE-2019-14910

A vulnerability was found in Keycloak 7.x: when Keycloak is configured with LDAP user federation and StartTLS is used instead of SSL/TLS from the LDAP server (ldaps), user authentication succeeds even if an invalid password has been entered....

2.9
CVSSv2
CVE-2019-13456

CVE-2019-13456 WPA3 Dragonblood Vulnerability. Information leak in FreeRADIUS' EAP-pwd due to aborting when needing more than 10 iterations....

6.8
CVSSv2
CVE-2013-4486

Zanata 3.0.0 through 3.1.2 has RCE due to EL interpolation in logging...

3.3
CVSSv2
CVE-2013-4235

shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees...