RedhatCVE: most viewed

206286 matches found

RedhatCVE • added 2021/01/03 6:49 p.m. • 126 views

CVE-2016-8735

The JmxRemoteLifecycleListener was not updated to take account of Oracle's fix for CVE-2016-3427. JMXRemoteLifecycleListener is only included in EWS 2.x and JWS 3.x source distributions. If you deploy a Tomcat instance built from source, using the EWS 2.x, or JWS 3.x distributions, an attacker...

CVSS 10 • AI score 3.4 • EPSS 0.92334 • Exploits 1 • References 2
RedhatCVE • added 2019/10/08 12:15 p.m. • 126 views

CVE-2017-12615

A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. Mitigation: Ensure that readonly is set to true (the default) for the...

CVSS 8.1 • AI score 1.8 • EPSS 0.99607 • Exploits 17 • References 2
RedhatCVE • added 2023/10/30 8:28 p.m. • 125 views

CVE-2023-39017

A code injection vulnerability was found in quartz-jobs. The issue resides in the org.quartz.jobs.ee.jms.SendQueueMessageJob.execute component, where an unchecked argument can trigger the vulnerability. Mitigation: Mitigation for this issue is either not available or the currently available option...

CVSS 5.3 • AI score 9.4 • EPSS 0.01017 • Exploits 1 • References 3
RedhatCVE • added 2023/07/09 7:17 a.m. • 125 views

CVE-2023-3390

A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAP_NET_ADMIN capability to crash or potentially...

CVSS 7.8 • AI score 6.3 • EPSS 0.12966 • Exploits 7 • References 4
RedhatCVE • added 2023/03/24 1:7 p.m. • 125 views

CVE-2023-20861

A flaw was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS)...

CVSS 5.3 • AI score 6.5 • EPSS 0.03514 • Exploits 1 • References 4
RedhatCVE • added 2022/05/18 10:30 p.m. • 125 views

CVE-2022-29581

A use-after-free flaw was found in u32_change in net/sched/cls_u32.c in the network subcomponent of the Linux kernel. This flaw allows a local attacker to crash the system, cause a privilege escalation, and leak kernel information. Mitigation: To mitigate this issue, prevent the module cls_u32 from...

CVSS 7.8 • AI score 7.1 • EPSS 0.01027 • Exploits 1 • References 5
RedhatCVE • added 2022/04/20 6:14 p.m. • 125 views

CVE-2022-26832

.NET Framework Denial of Service Vulnerability...

CVSS 7.5 • AI score 7.4 • EPSS 0.0328 • Exploits 0 • References 3
RedhatCVE • added 2021/11/01 5:41 p.m. • 125 views

CVE-2021-41182

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the altField option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the altField option is now...

CVSS 6.5 • AI score 4.8 • EPSS 0.37788 • Exploits 1 • References 3
RedhatCVE • added 2019/10/30 9:26 a.m. • 125 views

CVE-2019-17498

In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary out-of-bounds offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a...

CVSS 8.1 • AI score 5.4 • EPSS 0.03793 • Exploits 1 • References 4
RedhatCVE • added 2024/04/15 2:50 p.m. • 124 views

CVE-2024-1874

A command injection flaw was found in PHP, exclusive to Windows environments. This flaw allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function in specific conditions. The CreateProcess function implicitly uses cmd.exe when...

CVSS 9.4 • AI score 7.4 • EPSS 0.32568 • Exploits 2 • References 4
RedhatCVE • added 2023/10/11 7:12 a.m. • 124 views

CVE-2023-38545

A heap-based buffer overflow flaw was found in the SOCKS5 proxy handshake in the Curl package. If Curl is unable to resolve the address itself, it passes the hostname to the SOCKS5 proxy. However, the maximum length of the hostname that can be passed is 255 bytes. If the hostname is longer, then...

CVSS 8.1 • AI score 6.9 • EPSS 0.78483 • Exploits 6 • References 4
RedhatCVE • added 2023/08/22 5:50 p.m. • 124 views

CVE-2023-40175

An HTTP request smuggling attack vulnerability was found in Rubygem Puma. This flaw allows an attacker to gain unauthorized access to sensitive data due to an inconsistent interpretation of HTTP requests...

CVSS 7.3 • AI score 8.9 • EPSS 0.00738 • Exploits 0 • References 4
RedhatCVE • added 2021/07/18 1:58 a.m. • 124 views

CVE-2020-7662

websocket-extensions npm module prior to 0.1.4 allows Denial of Service (DoS) via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-byte sequence of a backslash and some other...

CVSS 5 • AI score 4.2 • EPSS 0.02955 • Exploits 1 • References 4
RedhatCVE • added 2022/11/04 10:26 a.m. • 123 views

CVE-2022-43680

A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions...

CVSS 7.5 • AI score 7.6 • EPSS 0.02241 • Exploits 1 • References 4
RedhatCVE • added 2022/10/17 7:1 a.m. • 123 views

CVE-2022-42003

A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting...

CVSS 7.5 • AI score 3.9 • EPSS 0.02824 • Exploits 2 • References 3
RedhatCVE • added 2022/09/06 2:29 p.m. • 123 views

CVE-2022-38533

A vulnerability was found in the strip utility of binutils. An attacker able to convince a victim to process a specially crafted COFF file by the strip utility can lead to a heap-based buffer overflow, causing the utility to crash. Mitigation: Do not process untrusted files with the strip utility...

CVSS 5.5 • AI score 4 • EPSS 0.00311 • Exploits 0 • References 3
RedhatCVE • added 2022/08/09 5:25 p.m. • 123 views

CVE-2022-34716

An information disclosure vulnerability exists in .NET Core and .NET. This issue can lead to unauthorized access to privileged information...

CVSS 5.9 • AI score 3.6 • EPSS 0.0192 • Exploits 0 • References 4
RedhatCVE • added 2022/07/21 10:46 a.m. • 123 views

CVE-2021-33655

An out-of-bounds write flaw was found in the Linux kernel’s framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data. This flaw allows a local user to crash or potentially escalate their privileges on the system. Mitigation: Mitigation...

CVSS 6.7 • AI score 1.5 • EPSS 0.00305 • Exploits 0 • References 4
RedhatCVE • added 2024/08/16 5:43 a.m. • 122 views

CVE-2024-42472

A sandbox escape vulnerability was found in Flatpak due to a symlink-following issue when mounting persistent directories. This flaw allows a local user or attacker to craft a symbolic link that can bypass the intended restrictions, enabling access to and modification of files outside the...

CVSS 7.4 • AI score 9 • EPSS 0.01283 • Exploits 1 • References 12
RedhatCVE • added 2023/08/08 5:20 p.m. • 122 views

CVE-2022-40982

A Gather Data Sampling (GDS) transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction load from memory to infer stale data from previously used vector registers on the same physical core. Mitigation: T...

CVSS 6.5 • AI score 6.6 • EPSS 0.03882 • Exploits 1 • References 4
RedhatCVE • added 2023/02/07 5:26 a.m. • 122 views

CVE-2022-44268

An information disclosure vulnerability was found in ImageMagick. This flaw allows an attacker to read arbitrary files from a server when parsing an image and happens when the program is parsing a PNG image. If ImageMagick has permission to read other arbitrary files, the resulting image could ha...

CVSS 6.5 • AI score 1.2 • EPSS 0.89855 • Exploits 28 • References 5
RedhatCVE • added 2022/06/22 6:36 a.m. • 122 views

CVE-2022-2068

A flaw was found in OpenSSL. The issue in CVE-2022-1292 did not find other places in the c_rehash script where it possibly passed the file names of certificates being hashed to a command executed through the shell. Some operating systems distribute this script in a manner where it is automatically...

CVSS 10 • AI score 1.3 • EPSS 0.95764 • Exploits 6 • References 4
RedhatCVE • added 2022/05/18 5:34 p.m. • 122 views

CVE-2022-22970

A flaw was found in Spring Framework. Applications that handle file uploads are vulnerable to a denial of service (DoS) attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object...

CVSS 5.3 • AI score 1.9 • EPSS 0.01853 • Exploits 1 • References 4
RedhatCVE • added 2022/04/11 7:44 p.m. • 122 views

CVE-2022-28893

A use-after-free flaw was found in the Linux kernel’s net/sunrpc/xprt.c function in the Remote Procedure Call (SunRPC) protocol. This flaw allows a local attacker to crash the system, leading to a kernel information leak issue. Mitigation: This flaw can be mitigated by preventing the affected SUNRPC...

CVSS 7.8 • AI score 0.5 • EPSS 0.00403 • Exploits 0 • References 6
RedhatCVE • added 2024/01/19 3:37 p.m. • 121 views

CVE-2024-21733

An information disclosure vulnerability was found in Apache Tomcat. Incomplete POST requests triggered an error response that could contain data from a previous HTTP request. This flaw allows a remote attacker to access files from another user that should be otherwise prevented by limits or...

CVSS 5.3 • AI score 5 • EPSS 0.14286 • Exploits 3 • References 5
RedhatCVE • added 2022/12/14 2:5 p.m. • 121 views

CVE-2022-41881

A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS)...

CVSS 7.5 • AI score 7.1 • EPSS 0.01466 • Exploits 1 • References 3
RedhatCVE • added 2018/08/22 8:49 a.m. • 121 views

CVE-2018-11776

Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true either by user or a plugin like Convention Plugin and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace...

CVSS 9.8 • AI score 3.7 • EPSS 0.99993 • Exploits 41 • References 2
RedhatCVE • added 2018/08/20 1:49 a.m. • 121 views

CVE-2018-15473

A user enumeration vulnerability was found in OpenSSH, through version 7.7. The vulnerability occurs by not delaying bailout for an invalid authenticated user until after the packet containing the request has been fully parsed. The highest threat from this vulnerability is to data...

CVSS 5.3 • AI score 0.6 • EPSS 0.98631 • Exploits 23 • References 2
RedhatCVE • added 2024/03/14 9:40 p.m. • 120 views

CVE-2024-24549

A vulnerability was found in the Tomcat package due to its handling of HTTP/2 requests. Specifically, when an HTTP/2 request surpasses the predetermined limits for headers configured within the server, the associated HTTP/2 stream isn't reset immediately. Instead, the reset action occurs only aft...

CVSS 7.5 • AI score 7.3 • EPSS 0.64124 • Exploits 1 • References 4
RedhatCVE • added 2024/02/08 5:6 p.m. • 120 views

CVE-2024-0985

A flaw was found in PostgreSQL. A late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL can allow an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling a safe refre...

CVSS 8 • AI score 8.4 • EPSS 0.01465 • Exploits 0 • References 3
RedhatCVE • added 2022/05/12 8:28 a.m. • 120 views

CVE-2022-1652

A use-after-free flaw was found in the Linux kernel’s floppy driver implementation. This flaw allows a local attacker to possibly corrupt memory. Mitigation: The floppy module will be auto-loaded when the hardware is present. Its loading can be prevented with the following instructions: echo...

CVSS 7.8 • AI score 7.3 • EPSS 0.00537 • Exploits 0 • References 3
RedhatCVE • added 2022/03/31 6:32 p.m. • 120 views

CVE-2022-22963

A flaw was found in Spring Cloud Function via the spring.cloud.function.routing-expression header that is modified by the attacker to contain malicious expression language code. The attacker is able to call functions that should not normally be accessible, including runtime exec calls. Mitigation...

CVSS 9.8 • AI score 4.8 • EPSS 0.99939 • Exploits 36 • References 5
RedhatCVE • added 2021/08/08 11:20 a.m. • 120 views

CVE-2021-21644

A cross-site request forgery (CSRF) vulnerability was found in the config-file-provider Jenkins plugin. The plugin does not require POST requests for an HTTP endpoint which allows attackers to delete configuration files corresponding to an attacker-specified ID...

CVSS 6.3 • AI score 2.5 • EPSS 0.01053 • Exploits 0 • References 3
RedhatCVE • added 2021/07/20 12:55 p.m. • 120 views

CVE-2021-33910

A flaw was found in systemd. The use of alloca function with an uncontrolled size in function unit_name_path_escape allows a local attacker, able to mount a filesystem on a very long path, to crash systemd and the whole system by allocating a very large space in the stack. The highest threat from th...

CVSS 5.5 • AI score 1.3 • EPSS 0.0865 • Exploits 2 • References 4
RedhatCVE • added 2023/07/26 4:47 p.m. • 119 views

CVE-2023-35942

A flaw was found in Envoy, where gRPC access loggers using the listener's global scope can cause a use-after-free crash when the listener is drained. This issue can be triggered by a listener discovery service (LDS) update with the same gRPC access log configuration...

CVSS 6.5 • AI score 6.8 • EPSS 0.00735 • Exploits 1 • References 3
RedhatCVE • added 2022/08/19 8:38 a.m. • 119 views

CVE-2022-2739

The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-14370, which was previously fixed via RHSA-2020:5056. This issue could possibly allow an attacker to gain access to sensitive...

CVSS 5.3 • AI score 5.1 • EPSS 0.01402 • Exploits 0 • References 3
RedhatCVE • added 2022/02/21 5:36 p.m. • 119 views

CVE-2022-23647

A Cross-site scripting attack was found in Prism. The command-line plugin did not properly escape its output. This issue leads to the input text being inserted into the Document Object Model (DOM) as HTML code, which can be exploited by an attacker...

CVSS 7.5 • AI score 0.8 • EPSS 0.01456 • Exploits 0 • References 4
RedhatCVE • added 2021/11/01 5:41 p.m. • 119 views

CVE-2021-41183

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various Text options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various Text options are now alway...

CVSS 6.5 • AI score 2.5 • EPSS 0.07948 • Exploits 1 • References 3
RedhatCVE • added 2023/11/28 11:49 a.m. • 118 views

CVE-2023-5981

A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. Mitigation: To address the issue found, upgrade to GnuTLS 3.8.2 or later versions...

CVSS 5.9 • AI score 7.5 • EPSS 0.01257 • Exploits 0 • References 4
RedhatCVE • added 2023/07/06 5:57 a.m. • 118 views

CVE-2023-26136

A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized...

CVSS 6.5 • AI score 8.8 • EPSS 0.02542 • Exploits 2 • References 8
RedhatCVE • added 2022/05/07 1:54 p.m. • 118 views

CVE-2021-29923

A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

CVSS 7.5 • AI score 1.5 • EPSS 0.03775 • Exploits 1 • References 4
RedhatCVE • added 2025/05/23 4:29 a.m. • 117 views

CVE-2023-4444

A vulnerability classified as critical was found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected by this vulnerability is an unknown functionality of the file vm\patient\edit-user.php. The manipulation of the argument id00/nic/oldemail/email/spec/Tele leads to...

CVSS 9.8 • AI score 8 • EPSS 0.00596 • Exploits 0 • References 1
RedhatCVE • added 2024/01/17 3:56 a.m. • 117 views

CVE-2023-45237

A security flaw has been identified in the cryptographic system of EDK2, the open-source reference implementation of the UEFI specification. This vulnerability enables an unauthorized remote attacker to potentially expose sensitive information. Mitigation: Mitigation for this issue is either not...

CVSS 7.5 • AI score 6.3 • EPSS 0.00986 • Exploits 0 • References 5
RedhatCVE • added 2023/03/07 4:30 p.m. • 117 views

CVE-2023-25690

A vulnerability was found in httpd. This security issue occurs when some mod_proxy configurations on Apache HTTP Server allow an HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern...

CVSS 9.8 • AI score 9 • EPSS 0.8377 • Exploits 5 • References 4
RedhatCVE • added 2022/05/02 4:22 p.m. • 117 views

CVE-2022-27239

A stack-based buffer overflow issue was found in cifs-utils. Parsing the mount.cifs ip command-line argument can lead to local attackers gaining root privileges...

CVSS 7.8 • AI score 5.9 • EPSS 0.00557 • Exploits 0 • References 3
RedhatCVE • added 2022/03/15 2:43 p.m. • 117 views

CVE-2022-22719

A flaw was found in the mod_lua module of httpd. A crafted request body can cause a read to a random memory area due to an uninitialized value in functions called by the parsebody function. The highest threat from this vulnerability is to system availability. Mitigation: Disabling mod_lua and...

CVSS 7.5 • AI score 8.5 • EPSS 0.69803 • Exploits 0 • References 4
RedhatCVE • added 2022/02/11 10:46 a.m. • 117 views

CVE-2022-23806

A flaw was found in the elliptic package of the crypto library in golang when the IsOnCurve function could return true for invalid field elements. This flaw allows an attacker to take advantage of this undefined behavior, affecting the availability and integrity of the resource...

CVSS 9.1 • AI score 3.5 • EPSS 0.03015 • Exploits 0 • References 4
RedhatCVE • added 2019/01/15 12:50 a.m. • 117 views

CVE-2019-6110

In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server or Man-in-The-Middle attacker can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred. Mitigation: This issue only affects the user...

CVSS 6.8 • AI score 2.2 • EPSS 0.20906 • Exploits 8 • References 2
RedhatCVE • added 2022/08/24 3:11 p.m. • 116 views

CVE-2022-32743

A flaw was found in samba that validates the domain name system's host name. This issue links a trailing $ to objectclass=computer, which helps avoid the creation of SPN values that collide with other, possibly privileged hosts...

CVSS 7.5 • AI score 2 • EPSS 0.01147 • Exploits 1 • References 3
RedhatCVE • added 2022/04/11 7:55 p.m. • 116 views

CVE-2022-24329

In JetBrains Kotlin before 1.6.0, it was not possible to lock dependencies for Multiplatform Gradle Projects...

CVSS 5.3 • AI score 2.3 • EPSS 0.02178 • Exploits 0 • References 3
Total number of security vulnerabilities: 5000