redhat package manager - vulnerabilities and exploits
7.5
CVSSv2
CVE-2002-2204
The default --checksig setting in RPM Package Manager 4.0.4 checks that a package's signature is valid without listing who signed it, which can allow remote malicious users to make it appear that a malicious package comes from a trusted source.
Redhat Redhat Package Manager 4.0.2-71
Redhat Redhat Package Manager 4.0.3
Redhat Redhat Package Manager 4.0.2-72
Redhat Redhat Package Manager 4.0.4
7.2
CVSSv2
CVE-2001-0923
RPM Package Manager 4.0.x up to and including 4.0.2.x allows a malicious user to execute arbitrary code via corrupted data in the RPM file when the file is queried.
Redhat Redhat Package Manager 4.0.2-71
Redhat Redhat Package Manager 4.0.2-72
4.3
CVSSv2
CVE-2017-3224
Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by first comparing sequence numbe...
Quagga Quagga -
Suse Opensuse -
Suse Suse Linux -
Redhat Package Manager -
4.3
CVSSv2
CVE-2019-5798
Lack of correct bounds checking in Skia in Google Chrome before 73.0.3683.75 allowed a remote malicious user to perform an out of bounds memory read via a crafted HTML page.
Google Chrome
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Opensuse Leap 42.3
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.0
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Suse Package Hub -
Redhat Enterprise Linux 8.0
Opensuse Backports Sle-15
Opensuse Leap 15.1
Canonical Ubuntu Linux 16.04
2.1
CVSSv2
CVE-2014-0200
The Red Hat Enterprise Virtualization Manager reports (rhevm-reports) package prior to 3.3.3-1 uses world-readable permissions on the datasource configuration file (js-jboss7-ds.xml), which allows local users to obtain sensitive information by reading the file.
Redhat Rhevm-reports 3.0
Redhat Rhevm-reports 3.1
Redhat Rhevm-reports
Redhat Rhevm-reports 3.3
Redhat Rhevm-reports 3.2
4
CVSSv2
CVE-2019-0757
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated malicious user to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'.
Microsoft Visual Studio 2017 -
Microsoft Nuget 4.9.4
Microsoft Nuget 4.3.1
Microsoft Nuget 4.4.2
Microsoft Nuget 4.7.2
Microsoft Nuget 4.8.2
Microsoft Nuget 4.5.2
Microsoft Nuget 4.6.3
Mono-project Mono Framework 5.18.0.223
Mono-project Mono Framework 5.20.0
Microsoft .net Core Sdk 1.1
Microsoft .net Core Sdk 2.1.500
Microsoft .net Core Sdk 2.2.100
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Tus 8.4
2 Articles
NA
CVE-2022-4285
An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.
Gnu Binutils
Fedoraproject Fedora 37
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
6.9
CVSSv2
CVE-2020-10757
A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.
Linux Linux Kernel
Opensuse Leap 15.1
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Mrg 2.0
Fedoraproject Fedora 31
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Active Iq Unified Manager -
NA
CVE-2023-4001
An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature. An attacker capable of attaching an external drive such as a USB stick...
Gnu Grub2 -
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 38
Fedoraproject Fedora 39
4.3
CVSSv2
CVE-2019-1559
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 by...
Openssl Openssl
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Hyper Converged Infrastructure -
Netapp Cloud Backup -
Netapp Santricity Smi-s Provider -
Netapp Element Software -
Netapp Snapdrive -
Netapp Snapcenter -
Netapp Storage Automation Store -
Netapp Ontap Select Deploy -
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Unified Manager -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Storagegrid
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Service Processor -
3 Github repositories