Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openshift vulnerabilities and exploits
(subscribe to this query)
991
VMScore
CVE-2016-0792
Multiple unspecified API endpoints in Jenkins prior to 1.650 and LTS prior to 1.642.2 allow remote authenticated users to execute arbitrary code via serialized data in an XML file, related to XStream and groovy.util.Expando.
Jenkins Jenkins
Redhat Openshift 3.1
2 EDB exploits
2 Metasploit modules
4 Github repositories
935
VMScore
CVE-2019-8506
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
Apple Icloud
Apple Itunes
Apple Safari
Apple Iphone Os
Apple Tvos
Apple Watchos
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Workstation 7.0
1 EDB exploit
1 Article
935
VMScore
CVE-2019-8672
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafte...
Apple Icloud
Apple Itunes
Apple Safari
Apple Iphone Os
Apple Mac Os X
Apple Tvos
Apple Watchos
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Workstation 7.0
1 EDB exploit
935
VMScore
CVE-2019-8689
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafte...
Apple Icloud
Apple Itunes
Apple Safari
Apple Iphone Os
Apple Mac Os X
Apple Tvos
Apple Watchos
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Workstation 7.0
1 EDB exploit
935
VMScore
CVE-2019-8518
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code executio...
Apple Icloud
Apple Itunes
Apple Safari
Apple Iphone Os
Apple Tvos
Apple Watchos
1 EDB exploit
935
VMScore
CVE-2016-9587
Ansible prior to 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this ...
Redhat Ansible
Ansible Ansible
Redhat Openstack 11
1 EDB exploit
1 Github repository
1 Article
894
VMScore
CVE-2019-7609
Kibana versions prior to 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing ...
Elastic Kibana
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
15 Github repositories
894
VMScore
CVE-2018-1000861
A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and previous versions, LTS 2.138.3 and previous versions in stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows malicious users to invoke some methods on Java objects by...
Jenkins Jenkins
Redhat Openshift Container Platform 3.11
13 Github repositories
892
VMScore
CVE-2022-1292
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the ...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Snapmanager -
Netapp A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
7 Github repositories
1 Article
890
VMScore
CVE-2022-2068
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not dis...
Openssl Openssl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Siemens Sinec Ins 1.0
Siemens Sinec Ins
Netapp Santricity Smi-s Provider -
Netapp Element Software -
Netapp Ontap Select Deploy Administration Utility -
Netapp Smi-s Provider -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Snapmanager -
Netapp Ontap Antivirus Connector -
Netapp Bootstrap Os -
Netapp H615c Firmware -
Netapp H610s Firmware -
Netapp H610c Firmware -
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
1 Github repository
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »