Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat vulnerabilities and exploits
(subscribe to this query)
7.7
CVSSv2
CVE-2015-3456
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and previous versions and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_...
Qemu Qemu
Redhat Openstack 4.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Openstack 5.0
Redhat Openstack 7.0
Redhat Enterprise Virtualization 3.0
Redhat Enterprise Linux 5
Xen Xen 4.5.0
Redhat Openstack 6.0
1 EDB exploit
5 Github repositories
3 Articles
6.4
CVSSv2
CVE-2019-14859
A flaw was found in all python-ecdsa versions prior to 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker coul...
Python-ecdsa Project Python-ecdsa
Redhat Ceph Storage 3.0
Redhat Ceph Storage 2.0
Redhat Openstack 10
Redhat Openstack 14
Redhat Openstack 13
Redhat Openstack 15
Redhat Virtualization 4.0
4
CVSSv2
CVE-2012-4556
The token processing system (pki-tps) in Red Hat Certificate System (RHCS) prior to 8.1.3 allows remote malicious users to cause a denial of service (Apache httpd web server child process restart) via certain unspecified empty search fields in a user certificate search query.
Redhat Certificate System
Redhat Certificate System 7.2
Redhat Certificate System 8.0
Redhat Certificate System 7.1
Redhat Certificate System 7.3
Redhat Certificate System 8.1
4.4
CVSSv2
CVE-2017-7536
In Hibernate Validator 5.2.x prior to 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occ...
Redhat Hibernate Validator
Redhat Satellite 6.4
Redhat Satellite Capsule 6.4
Redhat Jboss Enterprise Application Platform 6.0.0
Redhat Jboss Enterprise Application Platform 6.4.0
Redhat Jboss Enterprise Application Platform 7.0
Redhat Jboss Enterprise Application Platform 7.1
Redhat Virtualization 4.0
Redhat Virtualization Host 4.0
2 Github repositories
7.5
CVSSv2
CVE-2008-1767
Buffer overflow in pattern.c in libxslt prior to 1.1.24 allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large ...
Redhat Enterprise Linux Desktop 4
Redhat Enterprise Linux 3.0
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux 5.0
Redhat Linux Advanced Workstation 2.1
Redhat Enterprise Linux Desktop Workstation 5
Redhat Desktop 3
Redhat Enterprise Linux Desktop 5
Redhat Enterprise Linux 4.0
1 EDB exploit
9
CVSSv2
CVE-2016-6330
The server in Red Hat JBoss Operations Network (JON), when SSL authentication is not configured for JON server / agent communication, allows remote malicious users to execute arbitrary code via a crafted HTTP request, related to message deserialization. NOTE: this vulnerability e...
Redhat Jboss Operations Network 3.0
Redhat Jboss Operations Network 3.3.4
Redhat Jboss Operations Network 3.3.5
Redhat Jboss Operations Network 3.1
Redhat Jboss Operations Network 3.3.2
Redhat Jboss Operations Network 3.2.0
Redhat Jboss Operations Network 3.2.2
Redhat Jboss Operations Network 3.0.1
Redhat Jboss Operations Network 3.2.3
Redhat Jboss Operations Network 3.1.2
Redhat Jboss Operations Network 3.3.1
Redhat Jboss Operations Network 3.2.1
Redhat Jboss Operations Network 3.1.1
Redhat Jboss Operations Network 3.3.6
Redhat Jboss Operations Network 3.1.4
Redhat Jboss Operations Network 3.3.3
NA
CVE-2022-4492
The undertow client is not checking the server identity presented by the server certificate in https connections. This is a compulsory step (at least it should be performed by default) in https and in http/2. I would add it to any TLS client protocol.
Redhat Jboss Enterprise Application Platform 7.0.0
Redhat Single Sign-on 7.0
Redhat Jboss Fuse 7.0.0
Redhat Build Of Quarkus -
Redhat Integration Service Registry -
Redhat Integration Camel K -
Redhat Undertow 2.7.0
Redhat Integration Camel For Spring Boot -
Redhat Migration Toolkit For Applications 6.0
Redhat Migration Toolkit For Runtimes -
2.1
CVSSv2
CVE-2021-3620
A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.
Redhat Virtualization Host 4.0
Redhat Virtualization 4.0
Redhat Enterprise Linux 8.0
Redhat Openstack 16.1
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Virtualization For Ibm Power Little Endian 4.0
Redhat Openstack 1
Redhat Ansible Automation Platform Early Access 2.0
Redhat Ansible Engine
Redhat Virtualization Manager 4.4
6.8
CVSSv2
CVE-2012-4540
Off-by-one error in the invoke function in IcedTeaScriptablePluginObject.cc in IcedTea-Web 1.1.x prior to 1.1.7, 1.2.x prior to 1.2.2, 1.3.x prior to 1.3.1, and 1.4.x prior to 1.4.1 allows remote malicious users to obtain sensitive information, cause a denial of service (crash), ...
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Redhat Icedtea-web 1.2.1
Redhat Icedtea-web 1.1.4
Redhat Icedtea-web 1.1.1
Redhat Icedtea-web 1.1.2
Redhat Icedtea-web 1.2
Redhat Icedtea-web 1.1.6
Redhat Icedtea-web 1.3
Redhat Icedtea-web 1.1
Redhat Icedtea-web 1.1.5
Redhat Icedtea-web 1.1.3
5
CVSSv2
CVE-2013-0199
The default LDAP ACIs in FreeIPA 3.0 prior to 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote malicious users to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.
Redhat Freeipa 3.0.2
Redhat Freeipa 3.1.1
Redhat Freeipa 3.0.1
Redhat Freeipa 3.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
7
8
9
10
NEXT »