Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openshift origin vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-35941
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, a malicious client is able to construct credentials with permanent validity in some specific scenarios. This is caused by the som...
Envoyproxy Envoy
9.8
CVSSv3
CVE-2020-10018
WebKitGTK up to and including 2.26.4 and WPE WebKit up to and including 2.26.4 (which are the versions right prior to 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory ha...
Webkitgtk Webkitgtk
Wpewebkit Wpe Webkit
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Opensuse Leap 15.1
9.8
CVSSv3
CVE-2013-2060
The download_from_url function in OpenShift Origin allows remote malicious users to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart.
Redhat Openshift 1.0
9.8
CVSSv3
CVE-2013-2095
rubygem-openshift-origin-controller: API can be used to create applications via cartridge_cache.rb URI.prase() to perform command injection
Openshift-origin-controller Project Openshift-origin-controller -
9.8
CVSSv3
CVE-2019-3822
libcurl versions from 7.36.0 to prior to 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously receive...
Haxx Libcurl
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 9.0
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager
Netapp Clustered Data Ontap
Siemens Sinema Remote Connect Client
Oracle Http Server 12.2.1.3.0
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Secure Global Desktop 5.4
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Services Tools Bundle 19.2
Oracle Mysql Server
Redhat Enterprise Linux 8.0
3 Github repositories
9.8
CVSSv3
CVE-2018-20060
urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted i...
Python Urllib3
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
8.8
CVSSv3
CVE-2019-8720
A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues.
Webkitgtk Webkitgtk
Wpewebkit Wpe Webkit
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems Eus 8.4
Redhat Enterprise Linux For Ibm Z Systems 8.0
Redhat Enterprise Linux For Power Little Endian Eus 8.4
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.4
Redhat Codeready Linux Builder 8.0
Redhat Codeready Linux Builder Eus 8.4
Redhat Codeready Linux Builder For Power Little Endian Eus 8.4
8.8
CVSSv3
CVE-2022-26709
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.
Apple Macos
Apple Iphone Os
Apple Watchos
Apple Tvos
Apple Ipados
Apple Safari
8.8
CVSSv3
CVE-2022-26710
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. Processing maliciously crafted web content may lead to arbitrary code execution.
Apple Macos
Apple Iphone Os
Apple Watchos
Apple Tvos
Apple Ipados
8.8
CVSSv3
CVE-2022-26716
A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.
Apple Macos
Apple Iphone Os
Apple Watchos
Apple Tvos
Apple Ipados
Apple Safari
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »