Redhatcve: Most viewed

206305 matches found

RedhatCVE
added 2020/11/24 10:51 a.m., 49 views

CVE-2020-25669

A vulnerability was found in the Linux Kernel where the function sunkbdreinit having been scheduled by sunkbdinterrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbddisconnect, there is still an alias in sunkbdreinit causing Use After Free...

CVSS 7.8, AI score 2.1, EPSS 0.00627
Exploits: 1, References: 3
RedhatCVE
added 2020/09/30 4:16 p.m., 49 views

CVE-2020-25626

A flaw was found in the Django REST Framework. When using the browseable API viewer, the Django REST Framework fails to properly escape certain strings that come from user input. This flaw allows a user to control those strings to inject malicious...

CVSS 6.1, AI score 1.9, EPSS 0.01286
Exploits: 0, References: 3
RedhatCVE
added 2020/09/22 6:39 p.m., 49 views

CVE-2020-25597

A logic flaw was found in the handling of event channel operations in Xen. Operations such as resetting all event channels may involve decreasing one of the bounds checked when determining validity. This flaw allows an unprivileged guest to crash Xen, leading to a denial of service DoS for the...

CVSS 6.5, AI score 0.4, EPSS 0.00358
Exploits: 0, References: 4
RedhatCVE
added 2020/06/23 3:25 p.m., 49 views

CVE-2020-7656

A flaw was found in jquery in versions prior to 1.9.0. A cross-site scripting attack is possible as the load method fails to recognize and remove "...

CVSS 4.3, AI score 2.5, EPSS 0.06273
Exploits: 4, References: 3
RedhatCVE
added 2020/05/14 3:56 p.m., 49 views

CVE-2020-2752

Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.47 and prior, 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise...

CVSS 5.3, AI score 2.6, EPSS 0.02317
Exploits: 0, References: 4
RedhatCVE
added 2020/05/12 10:35 a.m., 49 views

CVE-2020-10706

A flaw was found in OpenShift Container Platform where OAuth tokens are not encrypted when the encryption of data at rest is enabled. This flaw allows an attacker with access to a backup to obtain OAuth tokens and then use them to log into the cluster as any user who logged into the cluster via t...

CVSS 4.6, AI score 2.7, EPSS 0.00128
Exploits: 0, References: 3
RedhatCVE
added 2020/05/07 4:39 a.m., 49 views

CVE-2019-10638

A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a nethashmix function. A remote user could observe a weak IP ID generation in this field to track Linux devices...

CVSS 6.5, AI score 2.8, EPSS 0.02571
Exploits: 0, References: 4
RedhatCVE
added 2020/04/28 5:40 p.m., 49 views

CVE-2020-11762

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case. Mitigation Mitigation for this issue is either not available or the currently available options do not meet th...

CVSS 5.5, AI score 1.9, EPSS 0.01807
Exploits: 1, References: 3
RedhatCVE
added 2020/04/24 4:33 a.m., 49 views

CVE-2020-10663

A flaw was found in rubygem-json. While parsing certain JSON documents, the json gem including the one bundled with Ruby can be coerced into creating arbitrary objects in the target system. This is the same issue as CVE-2013-0269. Mitigation To mitigate this vulnerability, do not supply untrusted...

CVSS 7.5, AI score 2.3, EPSS 0.13911
Exploits: 0, References: 4
RedhatCVE
added 2020/04/21 11:33 p.m., 49 views

CVE-2020-10712

A flaw was found in OpenShift Container Platform versions from 4.1 to 4.4 inclusive. Sensitive information was found to be logged by the image registry operator allowing an attacker able to gain access to those logs, to read and write to the storage backing the internal image registry. The highes...

CVSS 6.4, AI score 2.7, EPSS 0.0097
Exploits: 0, References: 3
RedhatCVE
added 2020/04/08 5:15 p.m., 49 views

CVE-2016-7124

ext/standard/varunserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a 1 destruct call or 2 magic method call...

CVSS 9.8, AI score 6.5, EPSS 0.16482
Exploits: 2, References: 1
RedhatCVE
added 2020/04/08 5:28 a.m., 49 views

CVE-2019-9791

The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time JIT compiler and when the constructor function is entered through on-stack replacement OSR. This allows for possible arbitrary...

CVSS 9.8, AI score 2.8, EPSS 0.19762
Exploits: 6, References: 3
RedhatCVE
added 2020/04/07 5:14 p.m., 49 views

CVE-2019-14892

A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code...

CVSS 9.8, AI score 5.8, EPSS 0.0544
Exploits: 0, References: 3
RedhatCVE
added 2020/04/03 2:11 p.m., 49 views

CVE-2020-7065

A vulnerability was found in PHP while using the mbstrtolower function with UTF-32LE encoding, where certain invalid strings cause PHP to overwrite the stack-allocated buffer. This flaw leads to memory corruption, crashes, and potential code execution...

CVSS 8.8, AI score 3.3, EPSS 0.04764
Exploits: 1, References: 5
RedhatCVE
added 2020/03/31 8:38 a.m., 49 views

CVE-2018-18314

Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations...

CVSS 9.8, AI score 6.2, EPSS 0.0606
Exploits: 1, References: 2
RedhatCVE
added 2020/03/29 8:8 p.m., 49 views

CVE-2019-15030

A flaw in the Linux kernel on the PowerPC platform, was found where a local user can read vector registers of other user processes via a Facility Unavailable exception. An attacker must start a transaction when the FPU operation begins or there is no leakage. Vector registers will become corrupte...

CVSS 4.4, AI score 2.6, EPSS 0.00451
Exploits: 1, References: 3
RedhatCVE
added 2020/02/13 11:44 a.m., 49 views

CVE-2019-12415

In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML External Entity XXE Processing. Mitigation The...

CVSS 5.5, AI score 3.3, EPSS 0.0099
Exploits: 0, References: 3
RedhatCVE
added 2020/02/06 5:44 p.m., 49 views

CVE-2020-5398

A flaw was found in springframework in versions prior to 5.0.16, 5.1.13, and 5.2.3. A reflected file download RFD attack is possible when a "Content-Disposition" header is set in response to where the filename attribute is derived from user supplied input. The highest threat from this vulnerabili...

CVSS 8, AI score 4.4, EPSS 0.88077
Exploits: 2, References: 4
RedhatCVE
added 2020/01/22 3:58 p.m., 49 views

CVE-2019-15216

An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver...

CVSS 4.9, AI score 3.2, EPSS 0.00693
Exploits: 1, References: 3
RedhatCVE
added 2020/01/07 11:9 p.m., 49 views

CVE-2019-17022

When pasting a style tag from the clipboard into a rich text editor, the CSS sanitizer does not escape and characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently...

CVSS 6.1, AI score 0.4, EPSS 0.01988
Exploits: 0, References: 4
RedhatCVE
added 2020/01/07 9:28 p.m., 49 views

CVE-2018-1120

By mmaping a FUSE-backed file onto a process's memory containing command line arguments or environment strings, an attacker can cause utilities from psutils or procps such as ps, w or any other program which makes a read call to the /proc//cmdline or /proc//environ files to block indefinitely...

CVSS 5.3, AI score 2.9, EPSS 0.07291
Exploits: 5, References: 2
RedhatCVE
added 2019/12/28 3:54 a.m., 49 views

CVE-2019-15903

In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XMLGetCurrentLineNumber or XMLGetCurrentColumnNumber then resulted in a heap-based buffer over-read. Mitigation Mitigation for this issue is either...

CVSS 7.5, AI score 2.2, EPSS 0.06643
Exploits: 1, References: 3
RedhatCVE
added 2019/12/10 4:48 p.m., 49 views

CVE-2019-19532

An out-of-bounds write flaw was found in the Linux kernel’s HID drivers. An attacker, able to plug in a malicious USB device, can crash the system or read and write to memory with an incorrect address. Mitigation Mitigation for this issue is either not available or the currently available options...

CVSS 6.8, AI score 1.5, EPSS 0.00504
Exploits: 0, References: 3
RedhatCVE
added 2019/12/10 11:51 a.m., 49 views

CVE-2019-19449

An out of bounds OOB memory access flaw was found in the Linux kernel's F2FS file system. A local attacker could use this vulnerability to crash the system or leak kernel internal information. Mitigation Red Hat has investigated whether a possible mitigation exists for this issue, and has not bee...

CVSS 7.8, AI score 1.6, EPSS 0.02014
Exploits: 1, References: 4
RedhatCVE
added 2019/11/05 10:21 p.m., 49 views

CVE-2017-12165

It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling...

CVSS 7.5, AI score 0.9, EPSS 0.01858
Exploits: 0, References: 1
RedhatCVE
added 2019/11/04 4:10 p.m., 49 views

CVE-2019-1125

A Spectre gadget was found in the Linux kernel's implementation of system interrupts. An attacker with local access could use this information to reveal private data through a Spectre like side channel. Mitigation For mitigation related information, please refer to the Red Hat Knowledgebase artic...

CVSS 5.9, AI score 0.5, EPSS 0.04521
Exploits: 4, References: 3
RedhatCVE
added 2019/10/20 12:7 p.m., 49 views

CVE-2018-13405

A vulnerability was found in the fs/inode.c:inodeinitowner function logic of the Linux kernel that allows local users to create files with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group an...

CVSS 7.8, AI score 3, EPSS 0.0101
Exploits: 2, References: 2
RedhatCVE
added 2019/10/19 6:8 p.m., 49 views

CVE-2018-14613

An issue was discovered in the btrfs filesystem code in the Linux kernel. An invalid pointer dereference in ioctlmappage when mounting and operating a crafted btrfs image is due to a lack of block group item validation in checkleafitem in fs/btrfs/tree-checker.c function. This could lead to a...

CVSS 7.1, AI score 3, EPSS 0.02512
Exploits: 1, References: 2
RedhatCVE
added 2019/10/10 11:37 p.m., 49 views

CVE-2017-11600

The xfrmmigrate function in the net/xfrm/xfrmpolicy.c file in the Linux kernel built with CONFIGXFRMMIGRATE does not verify if the dir parameter is less than XFRMPOLICYMAX. This allows a local attacker to cause a denial of service out-of-bounds access or possibly have unspecified other impact by...

CVSS 7, AI score 5, EPSS 0.00406
Exploits: 0, References: 1
RedhatCVE
added 2019/10/08 10:56 a.m., 49 views

CVE-2018-2798

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...

CVSS 5.3, AI score 2.6, EPSS 0.078
Exploits: 0, References: 1
RedhatCVE
added 2019/10/08 10:48 a.m., 49 views

CVE-2017-7668

A buffer over-read flaw was found in the httpd's apfindtoken function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request...

CVSS 7.5, AI score 1.7, EPSS 0.57472
Exploits: 1, References: 2
RedhatCVE
added 2019/06/11 2:52 p.m., 49 views

CVE-2019-3875

A vulnerability was found in keycloak before 6.0.2. The X.509 authenticator supports the verification of client certificates through the CRL, where the CRL list can be obtained from the URL provided in the certificate itself CDP or through the separately configured path. The CRL are often availab...

CVSS 6.5, AI score 1.2, EPSS 0.00291
Exploits: 0, References: 3
RedhatCVE
added 2019/04/02 10:50 a.m., 49 views

CVE-2019-0215

A flaw was found in Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38. A bug in modssl, when using per-location client certificate verification with TLSv1.3, allowed a client supporting Post-Handshake Authentication to bypass configured access control restrictions. An attacker could perform vario...

CVSS 7.5, AI score 2.2, EPSS 0.10508
Exploits: 0, References: 5
RedhatCVE
added 2018/12/27 9:49 p.m., 49 views

CVE-2018-20482

GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service infinite read loop in sparsedumpregion in sparse.c by modifying a file that is supposed to be archived by a different user's process e.g., a system back...

CVSS 5.5, AI score 3.7, EPSS 0.00526
Exploits: 1, References: 2
RedhatCVE
added 2018/05/18 5:20 a.m., 49 views

CVE-2018-1123

Due to incorrect accounting when decoding and escaping Unicode data in procfs, ps is vulnerable to overflowing an mmaped region when formatting the process list for display. Since ps maps a guard page at the end of the buffer, impact is limited to a crash...

CVSS 7.5, AI score 2.3, EPSS 0.09081
Exploits: 5, References: 2
RedhatCVE
added 2017/12/12 9:49 a.m., 49 views

CVE-2017-1000408

A memory leak in glibc 2.1.1 released on May 24, 1999 can be reached and amplified through the LDHWCAPMASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366...

CVSS 7.8, AI score 4.4, EPSS 0.02733
Exploits: 15, References: 1
RedhatCVE
added 2017/10/13 7:19 a.m., 49 views

CVE-2017-5123

The waitid implementation in upstream kernels did not restrict the target destination to copy information results. This can allow local users to write to otherwise protected kernel memory, which can lead to privilege escalation...

CVSS 8.8, AI score 7.1, EPSS 0.03714
Exploits: 10, References: 1
RedhatCVE
added 2017/08/21 1:20 p.m., 49 views

CVE-2017-12455

The evaxbfdprintemh function in vms-alpha.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file...

CVSS 7.8, AI score 5.5, EPSS 0.01493
Exploits: 0, References: 1
RedhatCVE
added 2017/08/15 12:49 p.m., 49 views

CVE-2017-12134

The xenbiovecphysmergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability...

CVSS 8.8, AI score 5.8, EPSS 0.00497
Exploits: 0, References: 2
RedhatCVE
added 2017/04/20 6:20 a.m., 49 views

CVE-2017-5432

A use-after-free vulnerability occurs during certain text input selection resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

CVSS 7.5, AI score 3.6, EPSS 0.0318
Exploits: 0, References: 2
RedhatCVE
added 2017/04/19 10:18 a.m., 49 views

CVE-2017-3514

Vulnerability in the Java SE component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...

CVSS 8.3, AI score 2.8, EPSS 0.02487
Exploits: 0, References: 1
RedhatCVE
added 2017/02/03 12:49 p.m., 49 views

CVE-2016-10159

Integer overflow in the pharparsepharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service memory consumption or application crash via a truncated manifest entry in a PHAR archive...

CVSS 7.5, AI score 5.9, EPSS 0.07618
Exploits: 0, References: 1
RedhatCVE
added 2016/12/21 3:18 p.m., 49 views

CVE-2016-8743

It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that interpreted those characters differently, a...

CVSS 7.5, AI score 2.4, EPSS 0.13252
Exploits: 0, References: 2
RedhatCVE
added 2016/12/06 1:17 p.m., 49 views

CVE-2016-9637

An out of bounds array access issue was found in the Xen virtual machine monitor, built with the QEMU ioport support. It could occur while doing ioport read/write operations, if guest was to supply a 32bit address parameter. A privileged guest user/process could use this flaw to potentially...

CVSS 7.6, AI score 2.5, EPSS 0.00364
Exploits: 0, References: 2
RedhatCVE
added 2016/11/22 10:47 a.m., 49 views

CVE-2016-7431

NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression...

CVSS 5.3, AI score 5.8, EPSS 0.0864
Exploits: 2, References: 2
RedhatCVE
added 2026/01/25 9:16 a.m., 48 views

CVE-2026-1103

The AIKTP plugin for WordPress is vulnerable to unauthorized modification of data due to missing authorization checks on the /aiktp/getToken REST API endpoint in all versions up to, and including, 5.0.04. The endpoint uses the 'verifyuserloggedin' as a permission callback, which only checks if a...

CVSS 5.4, AI score 5.5, EPSS 0.00239
Exploits: 0, References: 1
RedhatCVE
added 2026/01/09 9:31 a.m., 48 views

CVE-2023-25572

react-admin is a frontend framework for building browser applications on top of REST/GraphQL APIs. react-admin prior to versions 3.19.12 and 4.7.6, along with ra-ui-materialui prior to 3.19.12 and 4.7.6, are vulnerable to cross-site scripting. All React applications built with react-admin and usi...

CVSS 5.4, AI score 5.4, EPSS 0.00694
Exploits: 1, References: 1
RedhatCVE
added 2026/01/07 9:18 a.m., 48 views

CVE-2025-1188

A vulnerability, which was classified as critical, has been found in Codezips Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /dashboard/admin/updateroutine.php. The manipulation of the argument tid leads to sql injection. The attack may be launched...

CVSS 9.8, AI score 7.3, EPSS 0.00484
Exploits: 1, References: 1
RedhatCVE
added 2025/11/12 3:46 a.m., 48 views

CVE-2025-11873

The WP BBCode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'url' shortcode in all versions up to, and including, 1.8.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...

CVSS 6.4, AI score 5, EPSS 0.00196
Exploits: 0, References: 1
RedhatCVE
added 2025/07/16 8:58 p.m., 48 views

CVE-2025-53820

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the index.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject...

CVSS 6.5, AI score 6, EPSS 0.0024
Exploits: 1, References: 1

Total number of security vulnerabilities: 5000