Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openshift container platform vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2017-12652
libpng prior to 1.6.32 does not properly check the length of chunks against the user limit.
Libpng Libpng
Netapp Active Iq Unified Manager -
668
VMScore
CVE-2018-11307
An issue exists in FasterXML jackson-databind 2.0.0 up to and including 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6.
Fasterxml Jackson-databind
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
Oracle Retail Customer Management And Segmentation Foundation 17.0
Oracle Clusterware 12.1.0.2.0
Oracle Global Lifecycle Management Opatch
Oracle Utilities Advanced Spatial And Operational Analytics 2.7.0.1
Oracle Communications Instant Messaging Server 10.0.1.2.0
668
VMScore
CVE-2019-8457
SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.
Sqlite Sqlite
Canonical Ubuntu Linux 16.04
Opensuse Leap 42.3
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Canonical Ubuntu Linux 14.04
3 Github repositories
668
VMScore
CVE-2019-12450
file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 up to and including 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.
Gnome Glib
Debian Debian Linux 8.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Opensuse Leap 15.0
Fedoraproject Fedora 30
668
VMScore
CVE-2019-5953
Buffer overflow in GNU Wget 1.20.1 and previous versions allows remote malicious users to cause a denial-of-service (DoS) or may execute an arbitrary code via unspecified vectors.
Gnu Wget
668
VMScore
CVE-2019-3899
It was found that default configuration of Heketi does not require any authentication potentially exposing the management interface to misuse. This isue only affects heketi as shipped with Openshift Container Platform 3.11.
Redhat Openshift Container Platform 3.11
Heketi Project Heketi -
668
VMScore
CVE-2019-11068
libxslt up to and including 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.
Xmlsoft Libxslt
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Oracle Jdk 8.0
Netapp Cloud Backup -
Netapp Element Software -
Netapp Steelstore Cloud Integrated Storage -
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp E-series Santricity Web Services Proxy -
Netapp E-series Santricity Storage Manager -
Netapp E-series Santricity Unified Manager -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
1 Github repository
668
VMScore
CVE-2019-1003040
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55 and previous versions allows malicious users to invoke arbitrary constructors in sandboxed scripts.
Jenkins Script Security
Redhat Openshift Container Platform 3.11
668
VMScore
CVE-2019-1003041
A sandbox bypass vulnerability in Jenkins Pipeline: Groovy Plugin 2.64 and previous versions allows malicious users to invoke arbitrary constructors in sandboxed scripts.
Jenkins Pipeline\\ Groovy
Redhat Openshift Container Platform 3.11
668
VMScore
CVE-2019-9169
In the GNU C Library (aka glibc or libc6) up to and including 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
Gnu Glibc
Netapp Steelstore Cloud Integrated Storage -
Netapp Ontap Select Deploy Administration Utility -
Netapp Cloud Backup
Mcafee Web Gateway
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »