Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2024-0193
A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, al...
Linux Linux Kernel -
Redhat Enterprise Linux 9.0
5.3
CVSSv3
CVE-2023-6693
A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious use...
Qemu Qemu
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 39
7.5
CVSSv3
CVE-2023-3171
A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an malicious user to submit malicious requests using these classes, which could eventually exhaus...
Redhat Jboss Enterprise Application Platform 7.4
Redhat Jboss Enterprise Application Platform -
5.5
CVSSv3
CVE-2023-4641
A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve ...
Shadow-maint Shadow-utils
Redhat Enterprise Linux 8.0
Redhat Codeready Linux Builder 8.0
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux For Arm 64 9.0
Redhat Enterprise Linux For Arm 64 8.0
Redhat Codeready Linux Builder For Ibm Z Systems 9.0 S390x
Redhat Codeready Linux Builder For Arm64 9.0 Aarch64
Redhat Enterprise Linux For Power Little Endian 8.0 Ppc64le
Redhat Enterprise Linux For Ibm Z Systems 8.0 S390x
Redhat Codeready Linux Builder For Power Little Endian 9.0 Ppc64le
Redhat Codeready Linux Builder 9.0
Redhat Enterprise Linux For Power Little Endian 9.0 Ppc64le
Redhat Enterprise Linux For Ibm Z Systems 9.0 S390x
Redhat Codeready Linux Builder For Ibm Z Systems 8.0 S390x
Redhat Codeready Linux Builder For Arm64 8.0 Aarch64
Redhat Codeready Linux Builder For Power Little Endian 8.0 Ppc64le
7
CVSSv3
CVE-2023-51767
OpenSSH up to and including 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat...
Openbsd Openssh
Fedoraproject Fedora 39
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
5.3
CVSSv3
CVE-2023-51765
sendmail up to and including 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmai...
Sendmail Sendmail
Freebsd Freebsd
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
3 Github repositories
5.3
CVSSv3
CVE-2023-51764
Postfix up to and including 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation tec...
Postfix Postfix
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
5 Github repositories
7
CVSSv3
CVE-2023-6546
A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci ...
Linux Linux Kernel 6.5
Linux Linux Kernel
Fedoraproject Fedora 39
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
1 Github repository
8.1
CVSSv3
CVE-2023-2585
Keycloak's device authorization grant does not correctly validate the device code and client ID. An attacker client could abuse the missing validation to spoof a client consent request and trick an authorization admin into granting consent to a malicious OAuth client or poss...
Redhat Single Sign-on 7.6
Redhat Openshift Container Platform 4.11
Redhat Openshift Container Platform 4.12
Redhat Openshift Container Platform For Ibm Z 4.9
Redhat Openshift Container Platform For Ibm Z 4.10
Redhat Openshift Container Platform For Linuxone 4.9
Redhat Openshift Container Platform For Linuxone 4.10
Redhat Openshift Container Platform For Power 4.9
Redhat Openshift Container Platform For Power 4.10
Redhat Single Sign-on -
5.3
CVSSv3
CVE-2023-6918
A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or...
Libssh Libssh
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 38
Fedoraproject Fedora 39
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »