Lucene search

K
RedhatVirtualization4.0

84 matches found

CVE
CVE
added 2023/10/03 6:15 p.m.1171 views

CVE-2023-4911

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code...

7.8CVSS8.2AI score0.74608EPSS
CVE
CVE
added 2019/03/08 9:29 p.m.1075 views

CVE-2019-9636

Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse...

9.8CVSS9.4AI score0.05634EPSS
CVE
CVE
added 2022/02/16 7:15 p.m.1019 views

CVE-2021-3560

It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vu...

7.8CVSS6.1AI score0.05351EPSS
CVE
CVE
added 2021/12/23 9:15 p.m.920 views

CVE-2021-3621

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threa...

9.3CVSS8.8AI score0.00276EPSS
CVE
CVE
added 2019/06/07 6:29 p.m.866 views

CVE-2019-10160

A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. Wh...

9.8CVSS9.7AI score0.05634EPSS
CVE
CVE
added 2022/02/18 6:15 p.m.836 views

CVE-2020-25717

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.

8.5CVSS8.1AI score0.00152EPSS
CVE
CVE
added 2019/02/27 11:29 p.m.779 views

CVE-2019-1559

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is receiv...

5.9CVSS6.3AI score0.04426EPSS
CVE
CVE
added 2019/09/20 7:15 p.m.744 views

CVE-2019-14816

There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

7.8CVSS9.1AI score0.00289EPSS
CVE
CVE
added 2018/05/22 12:29 p.m.725 views

CVE-2018-3639

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store ...

5.5CVSS5.9AI score0.46737EPSS
CVE
CVE
added 2018/08/22 5:29 p.m.587 views

CVE-2018-10858

A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.

8.8CVSS7.1AI score0.07048EPSS
CVE
CVE
added 2018/07/06 2:29 p.m.578 views

CVE-2018-13405

The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigge...

7.8CVSS6.5AI score0.00165EPSS
CVE
CVE
added 2019/09/17 4:15 p.m.552 views

CVE-2019-14835

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migratio...

7.8CVSS8.3AI score0.00025EPSS
CVE
CVE
added 2018/04/26 9:29 p.m.519 views

CVE-2018-10237

Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) ...

5.9CVSS5.9AI score0.03259EPSS
CVE
CVE
added 2022/02/04 11:15 p.m.466 views

CVE-2021-4154

A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service ...

8.8CVSS8.1AI score0.00543EPSS
CVE
CVE
added 2022/03/25 7:15 p.m.452 views

CVE-2022-0435

A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges i...

9CVSS9AI score0.60408EPSS
CVE
CVE
added 2018/04/18 1:29 a.m.442 views

CVE-2017-12196

undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was found vulnerable when using Digest authentication, the server does not ensure that the value of URI in the Authorization header matches the URI in HTTP request line. This allows the attacker to cause a MITM attack and access the des...

5.9CVSS5.6AI score0.00401EPSS
CVE
CVE
added 2018/08/06 8:29 p.m.439 views

CVE-2018-5390

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

7.8CVSS7.5AI score0.19919EPSS
CVE
CVE
added 2019/06/14 2:29 p.m.413 views

CVE-2019-10126

A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.

9.8CVSS9.8AI score0.00873EPSS
CVE
CVE
added 2021/03/18 5:15 p.m.412 views

CVE-2020-27827

A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.

7.5CVSS7.2AI score0.00415EPSS
CVE
CVE
added 2021/08/31 5:15 p.m.402 views

CVE-2021-3634

A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secret_hash and the other session_id. Initially, both of them are the same, but after key re-exchange, previous session_id is kept...

6.5CVSS6.5AI score0.00104EPSS
CVE
CVE
added 2018/02/06 3:29 p.m.400 views

CVE-2017-7525

A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.

9.8CVSS9.2AI score0.77336EPSS
CVE
CVE
added 2022/03/25 7:15 p.m.397 views

CVE-2022-0330

A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.

7.8CVSS7.7AI score0.00046EPSS
CVE
CVE
added 2019/07/30 11:15 p.m.390 views

CVE-2019-10161

It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use ...

8.8CVSS8AI score0.00073EPSS
CVE
CVE
added 2018/08/09 8:29 p.m.380 views

CVE-2018-10915

A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side co...

8.5CVSS7.3AI score0.01557EPSS
CVE
CVE
added 2022/03/23 6:15 a.m.358 views

CVE-2022-27666

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.

7.8CVSS8AI score0.01101EPSS
CVE
CVE
added 2022/03/02 11:15 p.m.339 views

CVE-2021-3677

A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_process...

6.5CVSS6.4AI score0.00177EPSS
CVE
CVE
added 2019/06/12 2:29 p.m.315 views

CVE-2019-3888

A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFailed(t, exchange)

9.8CVSS9.1AI score0.00569EPSS
CVE
CVE
added 2018/08/01 5:29 p.m.302 views

CVE-2018-10897

A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversa...

9.3CVSS7.8AI score0.0275EPSS
CVE
CVE
added 2019/01/25 6:29 p.m.302 views

CVE-2018-16881

A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable.

7.5CVSS7.1AI score0.00436EPSS
CVE
CVE
added 2018/09/04 4:29 p.m.267 views

CVE-2018-10930

A flaw was found in RPC request using gfs3_rename_req in glusterfs server. An authenticated attacker could use this flaw to write to a destination outside the gluster volume.

6.5CVSS7AI score0.00776EPSS
CVE
CVE
added 2022/03/03 7:15 p.m.267 views

CVE-2021-3609

.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.

7CVSS7.2AI score0.00055EPSS
CVE
CVE
added 2018/07/03 1:29 a.m.248 views

CVE-2018-10855

Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on th...

5.9CVSS5.7AI score0.02523EPSS
CVE
CVE
added 2018/07/13 10:29 p.m.248 views

CVE-2018-10875

A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.

7.8CVSS7.7AI score0.00062EPSS
CVE
CVE
added 2021/01/12 3:15 p.m.232 views

CVE-2020-25657

A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest threat from this vulnerability is to confidentiality.

5.9CVSS5.6AI score0.00544EPSS
CVE
CVE
added 2018/01/12 9:29 a.m.223 views

CVE-2018-5344

In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.

7.8CVSS6.5AI score0.00043EPSS
CVE
CVE
added 2018/04/18 4:29 p.m.217 views

CVE-2018-1088

A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink.

8.1CVSS8AI score0.05224EPSS
CVE
CVE
added 2018/06/13 4:29 p.m.212 views

CVE-2018-11806

m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.

8.2CVSS8.4AI score0.00055EPSS
CVE
CVE
added 2018/08/17 12:29 p.m.210 views

CVE-2018-10873

A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. A malicious client or server, after authentication, could send specially crafted messages to its peer which would result in a crash or, potentially...

8.8CVSS8AI score0.00516EPSS
CVE
CVE
added 2018/03/20 4:29 p.m.203 views

CVE-2018-8088

org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. EventData in the slf4j-ext module in QOS.CH SLF4J, has been fixed in SLF4J versions 1.7.26 later and in the 2.0.x series.

9.8CVSS9.3AI score0.00836EPSS
CVE
CVE
added 2022/03/03 7:15 p.m.201 views

CVE-2021-3620

A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.

5.5CVSS5.3AI score0.00228EPSS
CVE
CVE
added 2020/01/02 3:15 p.m.200 views

CVE-2019-14859

A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker could use a malleable sig...

9.1CVSS8.8AI score0.00065EPSS
CVE
CVE
added 2022/06/30 1:15 p.m.189 views

CVE-2022-2078

A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code.

5.5CVSS6.2AI score0.00401EPSS
CVE
CVE
added 2018/01/22 4:29 a.m.184 views

CVE-2018-5968

FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blacklist.

8.1CVSS9.6AI score0.77336EPSS
CVE
CVE
added 2018/10/31 7:29 p.m.174 views

CVE-2018-14659

The Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable to a denial of service attack via use of the 'GF_XATTR_IOSTATS_DUMP_KEY' xattr. A remote, authenticated attacker could exploit this by mounting a Gluster volume and repeatedly calling 'setxattr(2)' to trigger a state dump and cr...

6.5CVSS7AI score0.02738EPSS
CVE
CVE
added 2018/10/31 7:29 p.m.173 views

CVE-2018-14654

The Gluster file system through version 4.1.4 is vulnerable to abuse of the 'features/index' translator. A remote attacker with access to mount volumes could exploit this via the 'GF_XATTROP_ENTRY_IN_KEY' xattrop to create arbitrary, empty files on the target server.

8.5CVSS7.1AI score0.02212EPSS
CVE
CVE
added 2017/08/02 7:29 p.m.172 views

CVE-2017-10664

qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.

7.5CVSS7.2AI score0.05034EPSS
CVE
CVE
added 2019/03/26 6:29 p.m.169 views

CVE-2019-3804

It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash.

7.5CVSS7.2AI score0.0455EPSS
CVE
CVE
added 2021/05/06 1:15 p.m.169 views

CVE-2021-3501

A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and s...

7.1CVSS6.3AI score0.00039EPSS
CVE
CVE
added 2022/08/31 4:15 p.m.159 views

CVE-2022-2132

A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.

8.6CVSS8AI score0.00446EPSS
CVE
CVE
added 2018/11/01 2:29 p.m.156 views

CVE-2018-14660

A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote, authenticated attacker could use this flaw to create multiple locks for single inode by using setxattr repetitively resulting in memory exhaustion of glusterfs ser...

6.5CVSS7AI score0.01752EPSS
Total number of security vulnerabilities84