Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-19334
In all versions of libyang prior to 1.0-r5, a stack-based buffer overflow exists in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an m...
Cesnet Libyang 1.0
Cesnet Libyang 0.16
Cesnet Libyang 0.13
Cesnet Libyang 0.12
Cesnet Libyang 0.11
Cesnet Libyang 0.14
Cesnet Libyang 0.15
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 31
9.8
CVSSv3
CVE-2019-14910
A vulnerability was found in keycloak 7.x, when keycloak is configured with LDAP user federation and StartTLS is used instead of SSL/TLS from the LDAP server (ldaps), in this case user authentication succeeds even if invalid password has entered.
Redhat Keycloak 7.0.0
Redhat Keycloak 7.0.1
9.8
CVSSv3
CVE-2013-4486
Zanata 3.0.0 up to and including 3.1.2 has RCE due to EL interpolation in logging
Redhat Zanata
9.8
CVSSv3
CVE-2011-2717
The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message.
Linux Dhcp6c
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux 5.0
9.8
CVSSv3
CVE-2019-14896
A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called a...
Linux Linux Kernel
Redhat Enterprise Linux 6.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
9.8
CVSSv3
CVE-2019-14842
Structured reply is a feature of the newstyle NBD protocol allowing the server to send a reply in chunks. A bounds check which was supposed to test for chunk offsets smaller than the beginning of the request did not work because of signed/unsigned confusion. If one of these chunk...
Redhat Libnbd
9.8
CVSSv3
CVE-2014-3585
redhat-upgrade-tool: Does not check GPG signatures when upgrading versions
Redhat Redhat-upgrade-tool -
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
9.8
CVSSv3
CVE-2014-3700
eDeploy through at least 2014-10-14 has remote code execution due to eval() of untrusted data
Redhat Edeploy
Redhat Jboss Enterprise Web Server 1.0.0
9.8
CVSSv3
CVE-2012-3460
cumin: At installation postgresql database user created without password
Redhat Enterprise Mrg 2.0
9.8
CVSSv3
CVE-2019-19012
An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x prior to 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a...
Oniguruma Project Oniguruma 6.9.4
Oniguruma Project Oniguruma
Debian Debian Linux 8.0
Fedoraproject Fedora 30
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 31
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »