redhat openstack 8 vulnerabilities and exploits
7.5
CVSSv3
CVE-2017-7539
An assertion-failure flaw was found in Qemu prior to 2.10.1, in the Network Block Device (NBD) server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation....
Qemu Qemu
Redhat Openstack 7.0
Redhat Openstack 6.0
Redhat Virtualization 4.0
Redhat Openstack 10
Redhat Openstack 9
Redhat Openstack 8
Redhat Openstack 11
Redhat Virtualization 3.0
6.5
CVSSv3
CVE-2020-10756
An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of...
Libslirp Project Libslirp
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Openstack 13
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.0
Opensuse Leap 15.1
6.5
CVSSv3
CVE-2019-14900
A flaw was found in Hibernate ORM in versions prior to 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow a malic...
Hibernate Hibernate Orm
Redhat Decision Manager 7.0
Redhat Openstack 10
Redhat Single Sign-on -
Redhat Jboss Data Grid 7.0.0
Redhat Jboss Middleware Text-only Advisories -
Redhat Openstack 14
Redhat Openstack 13
Redhat Jboss Enterprise Application Platform -
Redhat Build Of Quarkus -
Redhat Fuse
Quarkus Quarkus
Redhat Jboss Enterprise Application Platform 7.3
Redhat Jboss Enterprise Application Platform 7.4
Redhat Jboss Enterprise Application Platform 7.2
1 Github repository
6.5
CVSSv3
CVE-2016-9921
Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process inst...
Qemu Qemu
Qemu Qemu 2.8.0
Debian Debian Linux 8.0
Redhat Openstack 7.0
Redhat Openstack 6.0
Redhat Openstack 10
Redhat Openstack 9
Redhat Openstack 8
Redhat Openstack 11
Redhat Virtualization 4.0
6.1
CVSSv3
CVE-2016-7103
Cross-site scripting (XSS) vulnerability in jQuery UI prior to 1.12.0 might allow remote malicious users to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
Jqueryui Jquery Ui
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Hospitality Cruise Fleet Management 9.0.11
Oracle Application Express
Oracle Primavera Unifier
Oracle Siebel Ui Framework
Oracle Oss Support Tools
Oracle Oss Support Tools 2.12.42
Fedoraproject Fedora 30
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Snapcenter -
Redhat Openstack 7.0
Redhat Openstack 9
Redhat Openstack 8
Juniper Junos 21.2
Debian Debian Linux 9.0
6
CVSSv3
CVE-2020-1711
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 prior to 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote us...
Qemu Qemu
Redhat Enterprise Linux 7.0
Redhat Openstack 10
Redhat Enterprise Linux 8.0
Redhat Openstack 13
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.1
6
CVSSv3
CVE-2016-7466
Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS administrators to cause a denial of service (memory consumption and possibly QEMU process crash) by repeatedly unplugging a USB device.
Qemu Qemu
Opensuse Leap 42.2
Redhat Openstack 7.0
Redhat Openstack 6.0
Redhat Openstack 10
Redhat Openstack 9
Redhat Openstack 8
Redhat Openstack 11
Redhat Virtualization 4.0
6
CVSSv3
CVE-2016-8669
The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base.
Qemu Qemu
Opensuse Leap 42.2
Redhat Openstack 7.0
Redhat Openstack 6.0
Redhat Openstack 10
Redhat Openstack 9
Redhat Openstack 8
Redhat Openstack 11
Redhat Virtualization 4.0
Debian Debian Linux 8.0
5.9
CVSSv3
CVE-2020-1758
A flaw was found in Keycloak in versions prior to 10.0.0, where it does not perform the TLS hostname verification while sending emails using the SMTP server. This flaw allows a malicious user to perform a man-in-the-middle (MITM) attack.
Redhat Keycloak
Redhat Openstack 10
5.5
CVSSv3
CVE-2018-18438
Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value.
Qemu Qemu -
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 7.0
Redhat Openstack 9
Redhat Openstack 10
Redhat Openstack 12
Redhat Openstack 13
Redhat Openstack 8