Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat openshift 3.1 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-0791
Jenkins prior to 1.650 and LTS prior to 1.642.2 do not use a constant-time algorithm to verify CSRF tokens, which makes it easier for remote malicious users to bypass a CSRF protection mechanism via a brute-force approach.
Redhat Openshift 3.1
Jenkins Jenkins
Jenkins Jenkins 1.642.1
8.8
CVSSv3
CVE-2016-0792
Multiple unspecified API endpoints in Jenkins prior to 1.650 and LTS prior to 1.642.2 allow remote authenticated users to execute arbitrary code via serialized data in an XML file, related to XStream and groovy.util.Expando.
Jenkins Jenkins
Redhat Openshift 3.1
2 EDB exploits
2 Metasploit modules
4 Github repositories
8.6
CVSSv3
CVE-2021-3517
There is a flaw in the xml entity encoding functionality of libxml2 in versions prior to 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most like...
Xmlsoft Libxml2
Redhat Jboss Core Services -
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp E-series Santricity Storage Manager -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Snapdrive -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Santricity Unified Manager -
Netapp Manageability Software Development Kit -
Netapp E-series Santricity Web Services -
Netapp E-series Santricity Os Controller
Netapp Hci H410c Firmware -
7.8
CVSSv3
CVE-2022-1158
A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the...
Linux Linux Kernel
Fedoraproject Fedora 36
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
7.5
CVSSv3
CVE-2022-0778
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curv...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Cloud Volumes Ontap Mediator -
Netapp A250 Firmware -
Netapp 500f Firmware -
Fedoraproject Fedora 34
Fedoraproject Fedora 36
Tenable Nessus
Mariadb Mariadb
Nodejs Node.js
10 Github repositories
7.5
CVSSv3
CVE-2021-4104
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests t...
Apache Log4j 1.2
Fedoraproject Fedora 35
Redhat Jboss Operations Network 3.0
Redhat Jboss A-mq 6.0.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Jboss Enterprise Application Platform 6.0.0
Redhat Jboss Enterprise Application Platform 7.0
Redhat Jboss Fuse 6.0.0
Redhat Jboss Fuse Service Works 6.0
Redhat Jboss Web Server 3.0
Redhat Jboss Data Virtualization 6.0.0
Redhat Enterprise Linux 8.0
Redhat Single Sign-on 7.0
Redhat Software Collections -
Redhat Jboss Fuse 7.0.0
Redhat Process Automation 7.0
Redhat Jboss Data Grid 7.0.0
Redhat Openshift Application Runtimes -
Redhat Codeready Studio 12.0
Redhat Integration Camel K -
Redhat Openshift Container Platform 4.6
20 Github repositories
7.5
CVSSv3
CVE-2015-7539
The Plugins Manager in Jenkins prior to 1.640 and LTS prior to 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle malicious users to execute arbitrary code via a crafted plugin.
Jenkins Jenkins
Redhat Openshift 2.0
Redhat Openshift 3.1
7.4
CVSSv3
CVE-2016-3726
Multiple open redirect vulnerabilities in Jenkins prior to 2.3 and LTS prior to 1.651.2 allow remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors related to "scheme-relative" URLs.
Jenkins Jenkins
Redhat Openshift 3.1
Redhat Openshift 3.2
7.1
CVSSv3
CVE-2022-1353
A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.
Linux Linux Kernel
Linux Linux Kernel 5.17
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Redhat Enterprise Linux 8.0
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410c Firmware -
7
CVSSv3
CVE-2017-1000376
libffi requests an executable stack allowing malicious users to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears ...
Redhat Enterprise Virtualization Server -
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Openshift 2.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Libffi Project Libffi
Oracle Peopletools 8.57
Oracle Peopletools 8.56
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »