Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openshift vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2022-1245
A privilege escalation flaw was found in the token exchange feature of keycloak. Missing authorization allows a client application holding a valid access token to exchange tokens for any target client by passing the client_id of the target. This could allow a client to gain unaut...
Redhat Keycloak
668
VMScore
CVE-2022-31045
Istio is an open platform to connect, manage, and secure microservices. In affected versions ill-formed headers sent to Envoy in certain configurations can lead to unexpected memory access resulting in undefined behavior or crashing. Users are most likely at risk if they have an ...
Istio Istio 1.14.0
Istio Istio
668
VMScore
CVE-2022-26945
go-getter up to 1.5.11 and 2.0.2 allowed protocol switching, endless redirect, and configuration bypass via abuse of custom HTTP response header processing. Fixed in 1.6.1 and 2.1.0.
Hashicorp Go-getter 2.0.2
Hashicorp Go-getter
1 Github repository
668
VMScore
CVE-2022-30321
go-getter up to 1.5.11 and 2.0.2 allowed arbitrary host access via go-getter path traversal, symlink processing, and command injection flaws. Fixed in 1.6.1 and 2.1.0.
Hashicorp Go-getter 2.0.2
Hashicorp Go-getter
668
VMScore
CVE-2022-30322
go-getter up to 1.5.11 and 2.0.2 allowed asymmetric resource exhaustion when go-getter processed malicious HTTP responses. Fixed in 1.6.1 and 2.1.0.
Hashicorp Go-getter 2.0.2
Hashicorp Go-getter
668
VMScore
CVE-2022-30323
go-getter up to 1.5.11 and 2.0.2 panicked when processing password-protected ZIP files. Fixed in 1.6.1 and 2.1.0.
Hashicorp Go-getter 2.0.2
Hashicorp Go-getter
668
VMScore
CVE-2022-29599
In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks.
Apache Maven Shared Utils
Debian Debian Linux 10.0
Debian Debian Linux 11.0
668
VMScore
CVE-2022-27404
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f exists to contain a heap buffer overflow via the function sfnt_init_face.
Freetype Freetype
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
668
VMScore
CVE-2021-44906
Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95).
Substack Minimist
4 Github repositories
668
VMScore
CVE-2021-38578
Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.
Tianocore Edk2
Insyde Kernel 5.0
Insyde Kernel 5.2
Insyde Kernel 5.3
Insyde Kernel 5.4
Insyde Kernel 5.5
Insyde Kernel 5.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »