Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat fedora - vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2007-4134
Directory traversal vulnerability in extract.c in star prior to 1.5a84 allows user-assisted remote malicious users to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.
Redhat Fedora 7
NA
CVE-2022-3675
Fedora CoreOS supports setting a GRUB bootloader password using a Butane config. When this feature is enabled, GRUB requires a password to access the GRUB command-line, modify kernel command-line arguments, or boot non-default OSTree deployments. Recent Fedora CoreOS releases hav...
Redhat Fedora Coreos
5.8
CVSSv2
CVE-2007-2874
Buffer overflow in the wpa_printf function in the debugging code in wpa_supplicant in the Fedora NetworkManager package prior to 0.6.5-3.fc7 allows user-assisted remote malicious users to execute arbitrary code via malformed frames on a WPA2 network. NOTE: some of these details a...
Redhat Fedora Core
NA
CVE-2023-6918
A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or...
Libssh Libssh
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 38
Fedoraproject Fedora 39
NA
CVE-2023-51764
Postfix up to and including 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation tec...
Postfix Postfix
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
5 Github repositories
NA
CVE-2022-1632
An Improper Certificate Validation attack was found in Openshift. A re-encrypt Route with destinationCACertificate explicitly set to the default serviceCA skips internal Service TLS certificate validation. This flaw allows an malicious user to exploit an invalid certificate, resu...
Redhat Openshift Container Platform 4.0
Redhat Ansible Automation Platform 2.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
5
CVSSv2
CVE-2019-10222
A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clie...
Ceph Ceph -
Redhat Ceph Storage 3.0
Redhat Ceph Storage 3.3
Fedoraproject Fedora 30
Fedoraproject Fedora 31
1 Github repository
9
CVSSv2
CVE-2008-0892
The replication monitor CGI script (repl-monitor-cgi.pl) in Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, allows remote malicious users to execute arbitrary commands.
Redhat Directory Server 7.1
Redhat Directory Server 8
Redhat Fedora Directory Server
5
CVSSv2
CVE-2020-1695
A flaw was found in all resteasy 3.x.x versions before 3.12.0.Final and all resteasy 4.x.x versions before 4.6.0.Final, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection,...
Redhat Resteasy
Fedoraproject Fedora 32
Fedoraproject Fedora 33
1 Github repository
4.3
CVSSv2
CVE-2020-25658
It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.
Python-rsa Project Python-rsa
Redhat Openstack Platform 16.0
Redhat Openstack Platform 13.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »