Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat enterprise linux server 7 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2010-1871
JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote malicious users to execute arbitrary code via a crafted URL. NOTE: this is o...
Redhat Jboss Enterprise Application Platform 4.3.0
1 EDB exploit
3 Github repositories
6.4
CVSSv2
CVE-2019-20444
HttpObjectDecoder.java in Netty prior to 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."
Netty Netty
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Canonical Ubuntu Linux 18.04
Redhat Jboss Amq Clients 2
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
6.4
CVSSv2
CVE-2019-20445
HttpObjectDecoder.java in Netty prior to 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header.
Netty Netty
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Canonical Ubuntu Linux 18.04
Redhat Jboss Amq Clients 2
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Apache Spark 2.4.7
Apache Spark 2.4.8
6.4
CVSSv2
CVE-2017-2666
It exists in Undertow that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manip...
Redhat Undertow -
Redhat Jboss Enterprise Application Platform 7.0.0
Redhat Jboss Enterprise Application Platform 7.1.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
6
CVSSv2
CVE-2021-4104
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests t...
Apache Log4j 1.2
Fedoraproject Fedora 35
Redhat Jboss Operations Network 3.0
Redhat Jboss A-mq 6.0.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Jboss Enterprise Application Platform 6.0.0
Redhat Jboss Enterprise Application Platform 7.0
Redhat Jboss Fuse 6.0.0
Redhat Jboss Fuse Service Works 6.0
Redhat Jboss Web Server 3.0
Redhat Jboss Data Virtualization 6.0.0
Redhat Enterprise Linux 8.0
Redhat Single Sign-on 7.0
Redhat Software Collections -
Redhat Jboss Fuse 7.0.0
Redhat Process Automation 7.0
Redhat Jboss Data Grid 7.0.0
Redhat Openshift Application Runtimes -
Redhat Codeready Studio 12.0
Redhat Integration Camel K -
Redhat Openshift Container Platform 4.6
20 Github repositories
6
CVSSv2
CVE-2019-0217
In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions.
Apache Http Server
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux -
Opensuse Leap 42.3
Opensuse Leap 15.0
Netapp Clustered Data Ontap -
Netapp Oncommand Unified Manager -
Oracle Retail Xstore Point Of Service 7.1
Oracle Retail Xstore Point Of Service 7.0
Oracle Http Server 12.2.1.3.0
1 Github repository
5.8
CVSSv2
CVE-2020-2593
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with ne...
Oracle Jdk 1.7.0
Oracle Jdk 1.8.0
Oracle Jdk 11.0.5
Oracle Jdk 13.0.1
Oracle Jre 1.7.0
Oracle Jre 1.8.0
Oracle Jre 11.0.5
Oracle Jre 13.0.1
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Eus 7.7
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Workstation 7.0
Oracle Openjdk 7
Oracle Openjdk 8
Oracle Openjdk 11
5.4
CVSSv2
CVE-2017-13084
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
Freebsd Freebsd 11
Freebsd Freebsd 11.1
Redhat Enterprise Linux Desktop 7
Freebsd Freebsd
Canonical Ubuntu Linux 17.04
Canonical Ubuntu Linux 16.04
Freebsd Freebsd 10
Freebsd Freebsd 10.4
Opensuse Leap 42.3
Opensuse Leap 42.2
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
Redhat Enterprise Linux Server 7
W1.fi Hostapd 2.3
W1.fi Hostapd 2.2
W1.fi Hostapd 0.6.9
W1.fi Hostapd 0.6.8
W1.fi Hostapd 0.4.10
W1.fi Hostapd 0.4.9
W1.fi Hostapd 0.4.8
W1.fi Hostapd 0.2.6
1 Article
5.1
CVSSv2
CVE-2016-5385
PHP up to and including 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote malicious users to redirec...
Oracle Enterprise Manager Ops Center 12.2.2
Oracle Enterprise Manager Ops Center 12.3.2
Oracle Communications User Data Repository 10.0.1
Oracle Linux 6
Oracle Linux 7
Oracle Communications User Data Repository 12.0.0
Oracle Communications User Data Repository 10.0.0
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Hp Storeever Msl6480 Tape Library Firmware
Hp System Management Homepage
Php Php
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 8.0
Opensuse Leap 42.1
Drupal Drupal
1 Github repository
1 Article
5.1
CVSSv2
CVE-2016-5388
Apache Tomcat 7.x up to and including 7.0.70 and 8.x up to and including 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which mi...
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Hpc Node 7.0
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Hpc Node Eus 7.2
Hp System Management Homepage
Redhat Enterprise Linux Hpc Node 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Oracle Linux 6
Oracle Linux 7
Apache Tomcat
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »