Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat virtualization 4.0 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2018-5848
In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ie_len' argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Androi...
Google Android -
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Virtualization Host 4.0
Debian Debian Linux 8.0
7.8
CVSSv3
CVE-2018-10675
The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel prior to 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.
Linux Linux Kernel
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server Aus 6.6
Redhat Enterprise Linux Server Aus 6.5
Redhat Enterprise Linux Server Aus 6.4
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Virtualization Host 4.0
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Eus 6.7
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Tus 6.6
7.5
CVSSv3
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
34 Github repositories
2 Articles
7.5
CVSSv3
CVE-2022-27191
The golang.org/x/crypto/ssh package prior to 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an malicious user to crash a server in certain circumstances involving AddHostKey.
Golang Ssh
Fedoraproject Fedora 34
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Redhat Advanced Cluster Management For Kubernetes 2.0
1 Github repository
7.5
CVSSv3
CVE-2020-27827
A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.
Lldpd Project Lldpd
Openvswitch Openvswitch
Redhat Enterprise Linux 7.0
Redhat Virtualization 4.0
Redhat Openstack 10
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.0
Redhat Openstack 13
Fedoraproject Fedora 33
Siemens Simatic Hmi Unified Comfort Panels Firmware
Siemens Simatic Net Cp 1243-1 Firmware -
Siemens Simatic Net Cp 1243-8 Irc Firmware -
Siemens Simatic Net Cp 1542sp-1 Firmware -
Siemens Simatic Net Cp 1542sp-1 Irc Firmware -
Siemens Simatic Net Cp 1543-1 Firmware -
Siemens Simatic Net Cp 1543sp-1 Firmware -
Siemens Simatic Net Cp 1545-1 Firmware -
Siemens Tim 1531 Irc Firmware
Siemens Sinumerik One Firmware
7.5
CVSSv3
CVE-2019-11479
Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixe...
Linux Linux Kernel
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Access Policy Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
F5 Big-ip Application Security Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Analytics
F5 Big-ip Edge Gateway
F5 Big-ip Domain Name System
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Redhat Enterprise Linux 7.0
F5 Enterprise Manager 3.1.1
F5 Traffix Signaling Delivery Controller
4 Github repositories
1 Article
7.5
CVSSv3
CVE-2019-3804
It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web servic...
Cockpit-project Cockpit
Fedoraproject Fedora -
Redhat Virtualization 4.0
7.5
CVSSv3
CVE-2018-16881
A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions prior to 8.27.0 are vulnerable.
Rsyslog Rsyslog
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Virtualization Manager 4.3
Redhat Virtualization Host 4.0
Redhat Virtualization 4.0
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2018-17958
Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.
Qemu Qemu
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Virtualization 4.0
Redhat Virtualization Manager 4.3
7.5
CVSSv3
CVE-2017-7539
An assertion-failure flaw was found in Qemu prior to 2.10.1, in the Network Block Device (NBD) server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation....
Qemu Qemu
Redhat Openstack 7.0
Redhat Openstack 6.0
Redhat Virtualization 4.0
Redhat Openstack 10
Redhat Openstack 9
Redhat Openstack 8
Redhat Openstack 11
Redhat Virtualization 3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »