Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openshift container platform vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2023-29409
Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are c...
Golang Go 1.21.0
Golang Go
1 Github repository
3.3
CVSSv3
CVE-2023-4016
Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.
Procps Project Procps
Fedoraproject Fedora 38
7.8
CVSSv3
CVE-2023-4004
A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the ...
Linux Linux Kernel
Fedoraproject Fedora 38
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Netapp H300s -
Netapp H500s -
Netapp H700s -
Netapp H410s -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
5.3
CVSSv3
CVE-2023-3817
Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that...
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.2j
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2g
Openssl Openssl 1.0.2h
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.2f
Openssl Openssl 1.0.2i
Openssl Openssl 1.0.2d
Openssl Openssl 1.0.2k
Openssl Openssl 1.0.2l
Openssl Openssl 1.0.2m
Openssl Openssl 1.0.2zb
Openssl Openssl 1.0.2n
Openssl Openssl 1.0.2o
Openssl Openssl 1.0.2p
Openssl Openssl 1.0.2q
Openssl Openssl 1.0.2r
Openssl Openssl 1.0.2s
Openssl Openssl 1.0.2t
1 Github repository
4.4
CVSSv3
CVE-2023-3772
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denia...
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux For Real Time 8.0
Redhat Enterprise Linux For Real Time For Nfv 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora -
Linux Linux Kernel -
Debian Debian Linux 10.0
Debian Debian Linux 12.0
5.5
CVSSv3
CVE-2023-20593
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an malicious user to potentially access sensitive information.
Xen Xen 4.15.0
Xen Xen 4.17.0
Xen Xen 4.16.0
Xen Xen 4.14.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Amd Ryzen 3 3100 Firmware -
Amd Ryzen 3 3300x Firmware -
Amd Ryzen 5 3500 Firmware -
Amd Ryzen 5 3500x Firmware -
Amd Ryzen 5 3600 Firmware -
Amd Ryzen 5 3600x Firmware -
Amd Ryzen 5 3600xt Firmware -
Amd Ryzen 7 3700x Firmware -
Amd Ryzen 7 3800x Firmware -
Amd Ryzen 7 3800xt Firmware -
Amd Ryzen 9 3900 Firmware -
Amd Ryzen 9 3900x Firmware -
Amd Ryzen 9 3900xt Firmware -
Amd Ryzen 9 3950x Firmware -
Amd Ryzen 9 Pro 3900 Firmware -
2 Github repositories
1 Article
7.8
CVSSv3
CVE-2023-3812
An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privilege...
Linux Linux Kernel
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
7.1
CVSSv3
CVE-2023-3567
A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.
Linux Linux Kernel 6.2.0
Linux Linux Kernel
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 22.04
5.3
CVSSv3
CVE-2023-33951
A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information...
Linux Linux Kernel
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux For Real Time 8.0
Redhat Enterprise Linux For Real Time For Nfv 8.0
Redhat Enterprise Linux 9.0
6.7
CVSSv3
CVE-2023-33952
A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. This issue occurs due to the lack of validating the existence of an object prior to performing further free operations on the object, which may allow a local priv...
Linux Linux Kernel
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux For Real Time 8.0
Redhat Enterprise Linux For Real Time For Nfv 8.0
Redhat Enterprise Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »