Lucene search
K
RedhatcveMost viewed

206311 matches found

RedhatCVE
RedhatCVE
added 2019/12/20 6:38 p.m.46 views

CVE-2019-17563

It was found that tomcat's FORM authentication allowed a very small period in which an attacker could possibly force a victim to use a valid user session, or Session Fixation. While practical exploit of this issue is deemed highly improbable, an abundance of caution merits it be considered a flaw...

7.5CVSS2.5AI score0.10687EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2019/11/02 9:34 a.m.46 views

CVE-2018-11784

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory e.g. redirecting to '/foo/' when the user requested '/foo' a specially crafted URL could be used to cause the redirect to be generated to any URI of the...

5.3CVSS4AI score0.94494EPSS
Exploits3References2
RedhatCVE
RedhatCVE
added 2019/11/01 9:25 a.m.46 views

CVE-2019-18424

A flaw was found in Xen. A PCI device assigned to an untrusted domain can be programmed to an arbitrary address in DMA. When the guest domain is removed, the device is assigned back to dom0 allowing any in-flight DMA to potentially target critical host data. The highest threat from this...

7.6CVSS4.7AI score0.00497EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2019/10/27 12:25 p.m.46 views

CVE-2019-11085

A flaw was found in the Linux kernel's implementation of GVT-g which allowed an attacker with access to a 'passed through' Intel i915 graphics card to possibly access resources allocated to other virtual machines, crash the host, or possibly corrupt memory leading to privilege escalation...

8.8CVSS3.3AI score0.00475EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2019/10/21 6:3 a.m.46 views

CVE-2018-10883

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in jbd2journaldirtymetadata, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image...

5.5CVSS2.7AI score0.0053EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2019/10/21 6:3 a.m.46 views

CVE-2018-10881

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4getgroupinfo function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image...

5.5CVSS3.2AI score0.00766EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2019/10/19 6:58 p.m.46 views

CVE-2019-2422

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...

3.1CVSS2.5AI score0.03374EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2019/10/13 7:44 p.m.46 views

CVE-2018-14632

An out of bounds write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform 3.x. An attacker can use this flaw to cause a denial of service attack on the Openshift master API service which provides cluster management...

7.7CVSS2.8AI score0.01952EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2019/10/11 9:46 a.m.46 views

CVE-2018-5131

Under certain circumstances the "fetch" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. This can result in previously stored, locally cached data of a website being accessib...

6.1CVSS2.6AI score0.02323EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2019/10/10 4:49 a.m.46 views

CVE-2016-10708

sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c...

7.5CVSS5.5AI score0.15716EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2019/10/09 10:0 a.m.46 views

CVE-2018-16802

An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix...

9.3CVSS2.3AI score0.92499EPSS
Exploits4References2
RedhatCVE
RedhatCVE
added 2019/10/08 3:55 a.m.46 views

CVE-2017-12616

When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request...

7.5CVSS2.4AI score0.708EPSS
Exploits4References2
RedhatCVE
RedhatCVE
added 2019/10/02 8:51 a.m.46 views

CVE-2019-11253

A flaw was found kubernetes. The parsing of YAML manifests by the Kubernetes API server could lead to a denial-of-service attack leaving it vulnerable to an instance of a "billion laughs" attack. The highest threat from this vulnerability is to system availability...

7.5CVSS2.5AI score0.25939EPSS
Exploits2References4
RedhatCVE
RedhatCVE
added 2019/02/27 3:20 p.m.46 views

CVE-2009-5155

In the GNU C Library aka glibc or libc6 before 2.28, parseregexp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service assertion failure and application exit or trigger an incorrect result by attempting a regular-expression match...

7.5CVSS5.1AI score0.03906EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2018/12/04 10:22 a.m.46 views

CVE-2018-19628

A divide-by-zero vulnerability in ZigBee ZCL dissector allows Wireshark to crash when parsing a specially crafted pcap file. An attacker could cause a denial of service to Wireshark by injecting malicious packets into victim's WPAN network...

7.5CVSS5.1AI score0.03141EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2018/10/08 9:20 p.m.46 views

CVE-2018-18025

In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows attackers to cause a denial of service via a crafted SVG image file...

6.5CVSS4.4AI score0.02541EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2018/09/06 1:19 a.m.46 views

CVE-2018-16509

It was discovered that the ghostscript /invalidaccess checks fail under certain conditions. An attacker could possibly exploit this to bypass the -dSAFER protection and, for example, execute arbitrary shell commands via a specially crafted PostScript document. Mitigation ImageMagick relies on...

9.3CVSS0.3AI score0.92499EPSS
Exploits4References2
RedhatCVE
RedhatCVE
added 2018/06/07 6:19 p.m.46 views

CVE-2016-1000340

In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propagation bug was introduced in the implementation of squaring for several raw math classes have been fixed org.bouncycastle.math.raw.Nat???. These classes are used by our custom elliptic curve implementations...

7.5CVSS2.8AI score0.02241EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2018/05/22 1:19 p.m.46 views

CVE-2018-11236

stdlib/canonicalize.c in the GNU C Library aka glibc or libc6 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution...

9.8CVSS5.1AI score0.074EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2018/05/17 9:19 p.m.46 views

CVE-2018-11037

In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote attackers to cause an information leak via a crafted file...

6.5CVSS4.8AI score0.02363EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2018/05/02 10:29 a.m.46 views

CVE-2018-10547

An issue was discovered in ext/phar/pharobject.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an...

6.1CVSS2.9AI score0.79949EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2018/04/17 9:19 p.m.46 views

CVE-2018-2790

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

3.1CVSS2.2AI score0.05095EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2017/11/29 11:20 a.m.46 views

CVE-2017-8818

curl and libcurl before 7.57.0 on 32-bit platforms allow attackers to cause a denial of service out-of-bounds access and application crash or possibly have unspecified other impact because too little memory is allocated for interfacing to an SSL library...

9.8CVSS6.9AI score0.03995EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2017/11/07 12:20 p.m.46 views

CVE-2017-15286

SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where sqlite3steppStmt==SQLITEROW is false and a data structure is never initialized...

7.5CVSS2.5AI score0.02902EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2017/10/17 9:20 p.m.46 views

CVE-2017-10349

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

5.3CVSS1.9AI score0.03305EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2017/10/17 9:19 p.m.46 views

CVE-2017-10347

Vulnerability in the Java SE, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

5.3CVSS2.5AI score0.03114EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2017/10/03 9:49 a.m.46 views

CVE-2017-14955

CheckMK before 1.2.8p26 mishandles certain errors within the failed-login save feature because of a race condition, which allows remote attackers to obtain sensitive user information by reading a GUI crash report...

6.5CVSS4.2AI score0.12134EPSS
Exploits5References2
RedhatCVE
RedhatCVE
added 2017/09/12 12:48 p.m.46 views

CVE-2017-14317

A domain cleanup issue was discovered in the C xenstore daemon aka cxenstored in Xen through 4.9.x. When shutting down a VM with a stubdomain, a race in cxenstored may cause a double-free. The xenstored daemon may crash, resulting in a DoS of any parts of the system relying on it including domain...

5.6CVSS1.8AI score0.00277EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2017/08/10 7:18 p.m.46 views

CVE-2017-1000116

A shell command injection flaw related to the handling of "ssh" URLs has been discovered in Mercurial. This can be exploited to execute shell commands with the privileges of the user running the Mercurial client, for example, when performing a "checkout" or "update" action on a sub-repository...

10CVSS2.5AI score0.05734EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2017/08/03 2:20 p.m.46 views

CVE-2017-7533

A race condition was found in the Linux kernel, present since v3.14-rc1 through v4.12. The race happens between threads of inotifyhandleevent and vfsrename while running the rename operation against the same file. As a result of the race the next slab data or the slab's free list pointer can be...

7.8CVSS1.4AI score0.01223EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2017/07/17 2:51 p.m.46 views

CVE-2017-11147

In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the pharparsepharfile function in ext/phar/phar.c...

9.1CVSS3.2AI score0.0471EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2017/07/10 7:19 p.m.46 views

CVE-2017-9791

The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage...

9.8CVSS4.3AI score0.98931EPSS
Exploits19References2
RedhatCVE
RedhatCVE
added 2017/04/18 10:25 p.m.46 views

CVE-2017-3544

A newline injection flaw was discovered in the SMTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate SMTP connections established by a Java application...

4.3CVSS1.5AI score0.01686EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2017/02/13 11:12 a.m.46 views

CVE-2017-5970

A vulnerability was found in the Linux kernel where having malicious IP options present would cause the ipv4pktinfoprepare function to drop/free the dst. This could result in a system crash or possible privilege escalation...

7.5CVSS2.5AI score0.03915EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2016/11/11 9:17 a.m.46 views

CVE-2016-6809

Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization...

9.8CVSS4.2AI score0.0809EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/26 11:31 p.m.45 views

CVE-2026-24048

Backstage is an open framework for building developer portals, and @backstage/backend-defaults provides the default implementations and setup for a standard Backstage backend app. Prior to versions 0.12.2, 0.13.2, 0.14.1, and 0.15.0, the FetchUrlReader component, used by the catalog and other...

3.5CVSS5.9AI score0.00201EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/22 6:13 a.m.45 views

CVE-2026-23737

A flaw was found in seroval, a JavaScript library designed to convert complex data into a string format. This vulnerability exists within the library's JSON deserialization process, which is responsible for converting string data back into usable objects. A remote attacker can exploit improper...

7.5CVSS5.8AI score0.00519EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 11:19 a.m.45 views

CVE-2021-22388

There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed...

9.8CVSS6.8AI score0.00787EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:48 a.m.45 views

CVE-2022-31890

SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae via the order parameter to the getOrder function...

9.8CVSS8AI score0.01503EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:58 a.m.45 views

CVE-2023-49176

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodeRevolution WP Pocket URLs allows Reflected XSS.This issue affects WP Pocket URLs: from n/a through 1.0.2...

7.1CVSS7.1AI score0.00403EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:23 a.m.45 views

CVE-2023-43338

Cesanta mjs v2.20.0 was discovered to contain a function pointer hijacking vulnerability via the function mjsgetptr. This vulnerability allows attackers to execute arbitrary code via a crafted input...

9.8CVSS8.2AI score0.00903EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 4:22 p.m.45 views

CVE-2020-27589

Synopsys hub-rest-api-python aka blackduck on PyPI version 0.0.25 - 0.0.52 does not validate SSL certificates in certain cases...

7.5CVSS6.8AI score0.01112EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/04/17 2:19 a.m.45 views

CVE-2025-33028

In WinZip through 29.0, there is a Mark-of-the-Web Bypass Vulnerability because of an incomplete fix for CVE-2024-8811. This vulnerability allows attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this...

7.8CVSS7.8AI score0.00477EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/10 7:54 p.m.45 views

CVE-2025-27738

Improper access control in Windows Resilient File System ReFS allows an authorized attacker to disclose information over a network...

6.5CVSS6.3AI score0.02848EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/04/02 7:33 a.m.45 views

CVE-2025-32044

A flaw has been identified in Moodle where, on certain sites, unauthenticated users could retrieve sensitive user data—including names, contact information, and hashed passwords—via stack traces returned by specific API calls. Sites with PHP configured with zend.exceptionignoreargs = 1 in the...

7.5CVSS7.1AI score0.00337EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2024/12/17 9:50 a.m.45 views

CVE-2023-31355

A flaw was found in the AMD firmware. This vulnerability allows a malicious hypervisor to overwrite a guest's UMC seed, potentially enabling the reading of memory from a decommissioned guest via improper restriction of write operations. Mitigation Mitigation for this issue is either not available...

6CVSS6.5AI score0.00443EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2024/12/12 8:40 a.m.45 views

CVE-2024-4109

A flaw was found in Undertow. An HTTP request header value from a previous stream may be incorrectly reused for a request associated with a subsequent stream on the same HTTP/2 connection. This issue can potentially lead to information leakage between requests...

4.8AI score
Exploits0References4
RedhatCVE
RedhatCVE
added 2024/05/01 5:5 p.m.45 views

CVE-2024-26942

In the Linux kernel, the following vulnerability has been resolved: net: phy: qcom: at803x: fix kernel panic with at8031probe On reworking and splitting the at803x driver, in splitting function of at803x PHYs it was added a NULL dereference bug where priv is referenced before it's actually...

5.5CVSS7AI score0.00147EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2024/03/19 5:26 p.m.45 views

CVE-2024-27439

A flaw was found in Apache Wicket. Under certain circumstances, this flaw allows an attacker to bypass Cross-Site Request Forgery CSRF protections...

8.1CVSS7AI score0.00681EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2024/03/04 8:8 p.m.45 views

CVE-2023-52532

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix TX CQE error handling For an unknown TX CQE error type probably from a newer hardware, still free the SKB, update the queue tail, etc., otherwise the accounting will be wrong. Also, TX errors can be triggered by...

6CVSS6.5AI score0.0023EPSS
Exploits0References4
Total number of security vulnerabilities5000