Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openshift container platform vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-9169
In the GNU C Library (aka glibc or libc6) up to and including 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
Gnu Glibc
Netapp Steelstore Cloud Integrated Storage -
Netapp Ontap Select Deploy Administration Utility -
Netapp Cloud Backup
Mcafee Web Gateway
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
7.5
CVSSv2
CVE-2019-3822
libcurl versions from 7.36.0 to prior to 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously receive...
Haxx Libcurl
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 9.0
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager
Netapp Clustered Data Ontap
Siemens Sinema Remote Connect Client
Oracle Http Server 12.2.1.3.0
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Secure Global Desktop 5.4
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Services Tools Bundle 19.2
Oracle Mysql Server
Redhat Enterprise Linux 8.0
3 Github repositories
7.5
CVSSv2
CVE-2018-19360
FasterXML jackson-databind 2.x prior to 2.9.8 might allow malicious users to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Oracle Primavera Unifier 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Primavera Unifier 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
Oracle Webcenter Portal 12.2.1.3.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Oracle Primavera Unifier 18.8
Oracle Retail Workforce Management Software 1.60.9.0.0
Oracle Primavera Unifier
Redhat Openshift Container Platform 3.11
Redhat Jboss Bpm Suite 6.4.11
Redhat Jboss Brms 6.4.10
Redhat Automation Manager 7.3.1
Redhat Decision Manager 7.3.1
1 Github repository
7.5
CVSSv2
CVE-2018-19361
FasterXML jackson-databind 2.x prior to 2.9.8 might allow malicious users to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Primavera Unifier 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Primavera Unifier 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
Oracle Webcenter Portal 12.2.1.3.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Oracle Primavera Unifier 18.8
Oracle Retail Workforce Management Software 1.60.9.0.0
Oracle Primavera Unifier
Redhat Openshift Container Platform 3.11
Redhat Jboss Bpm Suite 6.4.11
Redhat Jboss Brms 6.4.10
Redhat Automation Manager 7.3.1
Redhat Decision Manager 7.3.1
1 Github repository
7.5
CVSSv2
CVE-2018-19362
FasterXML jackson-databind 2.x prior to 2.9.8 might allow malicious users to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Oracle Primavera Unifier 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Primavera Unifier 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
Oracle Webcenter Portal 12.2.1.3.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Oracle Primavera Unifier 18.8
Oracle Retail Workforce Management Software 1.60.9.0.0
Oracle Primavera Unifier
Redhat Openshift Container Platform 3.11
Redhat Jboss Bpm Suite 6.4.11
Redhat Jboss Brms 6.4.10
Redhat Automation Manager 7.3.1
Redhat Decision Manager 7.3.1
1 Github repository
7.5
CVSSv2
CVE-2018-14718
FasterXML jackson-databind 2.x prior to 2.9.7 might allow remote malicious users to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Primavera P6 Enterprise Project Portfolio Management 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Banking Platform 2.5.0
Oracle Primavera Unifier 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
Oracle Jdeveloper 12.1.3.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
Oracle Retail Merchandising System 16.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Oracle Jd Edwards Enterpriseone Orchestrator 9.2
Oracle Communications Billing And Revenue Management 7.5
Oracle Communications Billing And Revenue Management 12.0
Oracle Financial Services Analytical Applications Infrastructure 8.0.2
7.5
CVSSv2
CVE-2018-14719
FasterXML jackson-databind 2.x prior to 2.9.7 might allow remote malicious users to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Primavera Unifier 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Database Server 12.1.0.2
Oracle Banking Platform 2.5.0
Oracle Primavera Unifier 16.1
Oracle Database Server 11.2.0.4
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
Oracle Jdeveloper 12.1.3.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
Oracle Retail Merchandising System 16.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Database Server 12.2.0.1
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Oracle Database Server 18c
Oracle Communications Billing And Revenue Management 7.5
7.5
CVSSv2
CVE-2018-14720
FasterXML jackson-databind 2.x prior to 2.9.7 might allow malicious users to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.
Fasterxml Jackson-databind 2.7.0
Fasterxml Jackson-databind
Fasterxml Jackson-databind 2.8.0
Fasterxml Jackson-databind 2.9.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Primavera Unifier 16.2
Oracle Banking Platform 2.5.0
Oracle Primavera Unifier 16.1
Oracle Jdeveloper 12.1.3.0.0
Oracle Retail Merchandising System 16.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Primavera Unifier
Oracle Communications Billing And Revenue Management 7.5
Oracle Communications Billing And Revenue Management 12.0
Oracle Financial Services Analytical Applications Infrastructure 8.0.2
Oracle Financial Services Analytical Applications Infrastructure 8.0.3
Oracle Financial Services Analytical Applications Infrastructure 8.0.4
Oracle Financial Services Analytical Applications Infrastructure 8.0.5
Oracle Financial Services Analytical Applications Infrastructure 8.0.6
Oracle Financial Services Analytical Applications Infrastructure 8.0.7
Oracle Banking Platform 2.6.0
7.5
CVSSv2
CVE-2018-14721
FasterXML jackson-databind 2.x prior to 2.9.7 might allow remote malicious users to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.
Fasterxml Jackson-databind 2.7.0
Fasterxml Jackson-databind
Fasterxml Jackson-databind 2.8.0
Fasterxml Jackson-databind 2.9.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Primavera Unifier 16.2
Oracle Banking Platform 2.5.0
Oracle Primavera Unifier 16.1
Oracle Jdeveloper 12.1.3.0.0
Oracle Retail Merchandising System 16.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Primavera Unifier
Oracle Communications Billing And Revenue Management 7.5
Oracle Communications Billing And Revenue Management 12.0
Oracle Financial Services Analytical Applications Infrastructure 8.0.2
Oracle Financial Services Analytical Applications Infrastructure 8.0.3
Oracle Financial Services Analytical Applications Infrastructure 8.0.4
Oracle Financial Services Analytical Applications Infrastructure 8.0.5
Oracle Financial Services Analytical Applications Infrastructure 8.0.6
Oracle Financial Services Analytical Applications Infrastructure 8.0.7
Oracle Banking Platform 2.6.0
7.5
CVSSv2
CVE-2018-17246
Kibana versions prior to 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitra...
Elastic Kibana
Redhat Openshift Container Platform 3.11
4 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »