Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat linux 4.1 vulnerabilities and exploits
(subscribe to this query)
4.4
CVSSv2
CVE-2019-19921
runc up to and including 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom image...
Linuxfoundation Runc 1.0.0
Linuxfoundation Runc
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Redhat Openshift Container Platform 4.1
Redhat Openshift Container Platform 4.2
4.3
CVSSv2
CVE-2019-10214
The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulne...
Buildah Project Buildah -
Libpod Project Libpod -
Redhat Openshift Container Platform 4.1
Skopeo Project Skopeo -
Redhat Enterprise Linux 8.0
Opensuse Leap 15.1
4.9
CVSSv2
CVE-2018-12207
Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.
Intel Core I3-10110u Firmware -
Intel Core I3-10110y Firmware -
Intel Core I3-1005g1 Firmware -
Intel Core I3-9300t Firmware -
Intel Core I3-9300 Firmware -
Intel Core I3-9100 Firmware -
Intel Core I3-9100t Firmware -
Intel Core I3-9350k Firmware -
Intel Core I3-9320 Firmware -
Intel Core I3-8145u Firmware -
Intel Core I3-8300 Firmware -
Intel Core I3-8100t Firmware -
Intel Core I3-8300t Firmware -
Intel Core I3-8109u Firmware -
Intel Core I3-8130u Firmware -
Intel Core I3-8100 Firmware -
Intel Core I3-8350k Firmware -
Intel Core I3-7100 Firmware -
Intel Core I3-7350k Firmware -
Intel Core I3-7300t Firmware -
Intel Core I3-7167u Firmware -
Intel Core I3-7300 Firmware -
3 Github repositories
2 Articles
9
CVSSv2
CVE-2019-14287
In Sudo prior to 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER=...
Sudo Project Sudo
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Netapp Element Software Management Node -
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 6.6
60 Github repositories
1 Article
5
CVSSv2
CVE-2019-16884
runc up to and including 1.0.0-rc8, as used in Docker up to and including 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.
Linuxfoundation Runc
Linuxfoundation Runc 1.0.0
Docker Docker
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.1
Redhat Openshift Container Platform 4.2
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
1 Github repository
7.5
CVSSv2
CVE-2019-14813
A flaw was found in ghostscript, versions 9.x prior to 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then h...
Artifex Ghostscript
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Server 7.0
Redhat Openshift Container Platform 3.11
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Eus 7.7
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Openshift Container Platform 4.1
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.0
Opensuse Leap 15.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Github repository
3.6
CVSSv2
CVE-2019-15718
In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages. An unprivileged user can exploit this by e...
Systemd Project Systemd 240
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.1
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.1
Redhat Enterprise Linux For Power Little Endian Eus 8.2
Redhat Enterprise Linux For Ibm Z Systems Eus 8.2
Redhat Enterprise Linux For Ibm Z Systems Eus 8.1
Redhat Enterprise Linux For Power Little Endian Eus 8.1
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems Eus 8.4
6.8
CVSSv2
CVE-2019-14811
A flaw was found in, ghostscript versions before 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then h...
Artifex Ghostscript
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.0
Opensuse Leap 15.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Github repository
6.8
CVSSv2
CVE-2019-14817
A flaw was found in, ghostscript versions before 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and the...
Artifex Ghostscript
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
Opensuse Leap 15.0
Opensuse Leap 15.1
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.8
CVSSv2
CVE-2019-9514
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer...
Apple Swiftnio
Apache Traffic Server
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 9.0
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Vs960hd Firmware -
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Software Collections 1.0
Redhat Openshift Container Platform 3.9
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 3.10
Redhat Jboss Core Services 1.0
Redhat Enterprise Linux 8.0
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »