Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat enterprise linux 3.0 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2013-1943
The KVM subsystem in the Linux kernel prior to 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows local users to gain privileges or obtain sensitive information from kernel mem...
Linux Linux Kernel
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux Eus 6.3
Redhat Enterprise Linux Eus 6.2
Canonical Ubuntu Linux 10.04
7.5
CVSSv3
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
34 Github repositories
2 Articles
7.5
CVSSv3
CVE-2022-1708
A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and ...
Kubernetes Cri-o
Kubernetes Cri-o 1.24.0
Fedoraproject Fedora 36
Redhat Enterprise Linux 7.0
Redhat Openshift Container Platform 3.11
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.0
Redhat Enterprise Linux 9.0
Redhat Openshift Container Platform 4.10
Redhat Openshift Container Platform 4.9
7.5
CVSSv3
CVE-2022-27649
A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine), where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attack...
Podman Project Podman
Redhat Enterprise Linux 8.0
Redhat Developer Tools 1.0
Redhat Openshift Container Platform 4.0
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems Eus 8.4
Redhat Enterprise Linux For Ibm Z Systems 8.0
Redhat Enterprise Linux For Power Little Endian Eus 8.4
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.4
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.6
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.6
Redhat Enterprise Linux For Ibm Z Systems 8.6
Redhat Enterprise Linux For Ibm Z Systems Eus 8.6
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
Redhat Enterprise Linux 8.6
Fedoraproject Fedora 34
7.5
CVSSv3
CVE-2022-27650
A flaw was found in crun where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker w...
Crun Project Crun
Fedoraproject Fedora 34
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.0
7.5
CVSSv3
CVE-2021-41819
CGI::Cookie.parse in Ruby up to and including 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem up to and including 0.3.0 for Ruby.
Ruby-lang Ruby
Ruby-lang Cgi 0.3.0
Ruby-lang Cgi 0.2.0
Ruby-lang Cgi 0.1.0
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Suse Linux Enterprise 12.0
Suse Linux Enterprise 15.0
Suse Linux Enterprise 11.0
Opensuse Factory -
Opensuse Leap 15.2
Fedoraproject Fedora 34
Fedoraproject Fedora 35
7.5
CVSSv3
CVE-2021-41817
Date.parse in the date gem up to and including 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.
Ruby-lang Date
Ruby-lang Date 3.2.0
Ruby-lang Ruby
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Suse Linux Enterprise 12.0
Suse Linux Enterprise 15.0
Opensuse Factory -
Opensuse Leap 15.2
7.5
CVSSv3
CVE-2021-4104
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests t...
Apache Log4j 1.2
Fedoraproject Fedora 35
Redhat Jboss Operations Network 3.0
Redhat Jboss A-mq 6.0.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Jboss Enterprise Application Platform 6.0.0
Redhat Jboss Enterprise Application Platform 7.0
Redhat Jboss Fuse 6.0.0
Redhat Jboss Fuse Service Works 6.0
Redhat Jboss Web Server 3.0
Redhat Jboss Data Virtualization 6.0.0
Redhat Enterprise Linux 8.0
Redhat Single Sign-on 7.0
Redhat Software Collections -
Redhat Jboss Fuse 7.0.0
Redhat Process Automation 7.0
Redhat Jboss Data Grid 7.0.0
Redhat Openshift Application Runtimes -
Redhat Codeready Studio 12.0
Redhat Integration Camel K -
Redhat Openshift Container Platform 4.6
20 Github repositories
7.5
CVSSv3
CVE-2020-0602
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.
Microsoft Asp.net Core 2.1
Microsoft Asp.net Core 3.0
Microsoft Asp.net Core 3.1
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
1 Article
7.5
CVSSv3
CVE-2019-0820
A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.
Microsoft .net Core 1.0
Microsoft .net Core 1.1
Microsoft .net Core 2.1
Microsoft .net Core 2.2
Microsoft .net Framework 2.0
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.6.1
Microsoft .net Framework 4.8
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
4 Github repositories
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »