23 matches found
EUVD-2020-18323
Malware in sbrugna...
EUVD-2017-11788
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-5411
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - /var/lib/ovirt-engine/setup/engine-DC-config.py in Red Hat QuickStart Cloud Installer QCI before 1.0 GA is created world readable and contains the root password...
Qualys TotalCloud KCS Achieves Red Hat Vulnerability Scanner Certification
We’re excited to announce that Qualys TotalCloud Kubernetes and Container Security KCS has achieved the Red Hat Vulnerability Scanning Certification, reinforcing our commitment to unbiased, 6-sigma accurate vulnerability detection. By meeting Red Hat’s rigorous security standards, Qualys...
RHEL 8 : glade (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - glade: segmentation fault in glade_gtk_box_post_create CVE-2020-36774 Note that Nessus has not tested for this issue bu...
RHEL 4 : pl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - David Koblas' GIF decoder LZW decoder buffer overflow CVE-2011-2896 Note that Nessus has not tested for this issue...
RHEL 5 : automake17 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - automake: locally exploitable make distcheck bug CVE-2012-3386 Note that Nessus has not tested for this issue but h...
RHEL 5 : gstreamer-plugins-good (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - gstreamer: Invalid memory read in g_type_check_instance_is_fundamentally_a CVE-2016-9810 Note that Nessus has not tested...
RHEL 4 : mutt (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - mutt: missing host name vs. SSL certificate name checks CVE-2009-3766 Note that Nessus has not tested for this issu...
RHEL 7 : screen (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - screen: Stack overflow due to deep recursion causing process freeze CVE-2015-6806 Note that Nessus has not tested f...
RHEL 8 : lcms2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - lcms2: Integer overflow in AllocateDataSet in cmscgats.c leading to heap-based buffer overflow CVE-2018-16435 Note...
HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...
CVE-2018-12207
A flaw was found in the way Intel CPUs handle inconsistency between virtual to physical memory address translations in CPU's local cache and system software's Paging structure entries. A privileged guest user may use this flaw to induce a hardware Machine Check Error on the host processor,...
CVE-2019-19339
It was found that the Red Hat Enterprise Linux 8 kpatch update did not include the complete fix for CVE-2018-12207. A flaw was found in the way Intel CPUs handle inconsistency between virtual to physical memory address translations in CPU's local cache and system software's Paging structure...
Red Hat redhat-support-plugin-rhev local code execution vulnerability
Red Hat redhat-support-plugin-rhev is a technology preview feature that seamlessly integrates access to Red Hat Subscription Services from the Red Hat Enterprise Virtualization Management Portal. A security vulnerability in Red Hat redhat-support-plugin-rhev allows local attackers to exploit the...
The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the libwmf-0.2.8.3 package for the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...
The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the xorg-x11-drv-fbdev-0.4.3 package of the Red Hat Enterprise Linux operating system may lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...