Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat openshift container platform 4.1 vulnerabilities and exploits
(subscribe to this query)
8.2
CVSSv3
CVE-2020-10712
A flaw was found in OpenShift Container Platform version 4.1 and later. Sensitive information was found to be logged by the image registry operator allowing an attacker able to gain access to those logs, to read and write to the storage backing the internal image registry. The hi...
Redhat Openshift Container Platform
7.8
CVSSv3
CVE-2023-4911
A buffer overflow exists in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local malicious user to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID perm...
Gnu Glibc
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Redhat Virtualization Host 4.0
Redhat Virtualization 4.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
Redhat Codeready Linux Builder For Power Little Endian Eus 8.6
Redhat Codeready Linux Builder Eus 8.6
Redhat Enterprise Linux 9.0
Redhat Codeready Linux Builder For Ibm Z Systems Eus 8.6
Redhat Codeready Linux Builder For Arm64 Eus 8.6
Redhat Enterprise Linux For Arm 64 Eus 8.6 Aarch64
Redhat Enterprise Linux For Ibm Z Systems Eus S390x 8.6
Redhat Enterprise Linux For Power Big Endian Eus 8.6 Ppc64le
25 Github repositories
1 Article
7.8
CVSSv3
CVE-2023-3899
A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.re...
Redhat Subscription-manager
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems 8.0
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.1
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.2
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.4
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.6
Redhat Enterprise Linux For Ibm Z Systems Eus 8.6
7.8
CVSSv3
CVE-2021-4034
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle ...
Polkit Project Polkit
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2
282 Github repositories
1 Article
7.8
CVSSv3
CVE-2019-14811
A flaw was found in, ghostscript versions before 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then h...
Artifex Ghostscript
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.0
Opensuse Leap 15.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Github repository
7.8
CVSSv3
CVE-2019-14817
A flaw was found in, ghostscript versions before 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and the...
Artifex Ghostscript
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
Opensuse Leap 15.0
Opensuse Leap 15.1
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
35 Github repositories
2 Articles
7.5
CVSSv3
CVE-2022-27191
The golang.org/x/crypto/ssh package prior to 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an malicious user to crash a server in certain circumstances involving AddHostKey.
Golang Ssh
Fedoraproject Fedora 34
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Redhat Advanced Cluster Management For Kubernetes 2.0
1 Github repository
7.5
CVSSv3
CVE-2020-8945
The proglottis Go wrapper prior to 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification.
Gpgme Project Gpgme
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
Redhat Openshift Container Platform 4.2
Redhat Openshift Container Platform 4.3
Redhat Openshift Container Platform 4.4
Redhat Openshift Container Platform 4.5
Redhat Openshift Container Platform For Ibm Z 4.1
Redhat Openshift Container Platform For Ibm Z 4.2
Redhat Openshift Container Platform For Linuxone 4.1
Redhat Openshift Container Platform For Linuxone 4.2
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
7.5
CVSSv3
CVE-2019-16884
runc up to and including 1.0.0-rc8, as used in Docker up to and including 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.
Linuxfoundation Runc
Linuxfoundation Runc 1.0.0
Docker Docker
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.1
Redhat Openshift Container Platform 4.2
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »