Vulmon
redhat fedora - vulnerabilities and exploits
6.8
CVSSv2
CVE-2021-3575
A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg.
Uclouvain Openjpeg
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
2.1
CVSSv2
CVE-2020-12458
An information-disclosure flaw was found in Grafana up to and including 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information (e.g., cleartext or encrypted datasource p...
Grafana Grafana
Redhat Ceph Storage 3.0
Redhat Enterprise Linux 8.0
Redhat Ceph Storage 4.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
NA
CVE-2023-5981
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.
Gnu Gnutls 1.5.0
Redhat Linux 8.0
Redhat Linux 9.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
4
CVSSv2
CVE-2022-0996
A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication.
Redhat 389 Directory Server 1.4.0.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Redhat Enterprise Linux 8.0
1 Github repository
4.9
CVSSv2
CVE-2021-20208
A flaw was found in cifs-utils in versions prior to 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity.
Samba Cifs-utils
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
4.9
CVSSv2
CVE-2022-27651
A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. A bug was found in Moby (Docker Engine) where containers were incorrectly started with non-empty inheritable Linux process capabilities, enabling an attacker with access to p...
Buildah Project Buildah
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
7.5
CVSSv2
CVE-2014-8089
SQL injection vulnerability in Zend Framework prior to 1.12.9, 2.2.x prior to 2.2.8, and 2.3.x prior to 2.3.3, when using the sqlsrv PHP extension, allows remote malicious users to execute arbitrary SQL commands via a null byte.
Zend Zend Framework
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 7.0
Fedoraproject Fedora 19
Fedoraproject Fedora 20
Fedoraproject Fedora 21
NA
CVE-2022-3560
A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script to set ACLs for /etc/pki/pesign and /run/pesign directories to grant access privileges to users in the 'pesign' group. However, the...
Pesign Project Pesign
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
NA
CVE-2021-3997
A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.
Systemd Project Systemd
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
NA
CVE-2023-40548
A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer ...
Redhat Shim
Redhat Shim 15.8
Fedoraproject Fedora 39