CVEdetails.com the ultimate security vulnerability data source

Redhat : Security Vulnerabilities (CVSS score between 5 and 5.99)

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2014-0160 119 2 Overflow +Info 2014-04-07 2020-07-28
5.0
None Remote Low Not required Partial None None
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
2 CVE-2022-30597 2022-05-18 2022-06-13
5.0
None Remote Low Not required Partial None None
A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field.
3 CVE-2022-1949 863 Bypass 2022-06-02 2022-06-13
5.0
None Remote Low Not required Partial None None
An access control bypass vulnerability found in 389-ds-base. That mishandling of the filter that would yield incorrect results, but as that has progressed, can be determined that it actually is an access control bypass. This may allow any remote unauthenticated user to issue a filter that allows searching for database items they do not have access to, including but not limited to potentially userPassword hashes and other sensitive data.
4 CVE-2022-0996 613 2022-03-23 2022-04-29
5.0
None Remote Low Not required Partial None None
A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication.
5 CVE-2022-0918 DoS 2022-03-16 2022-03-28
5.0
None Remote Low Not required None None Partial
A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other authentication is required. The message triggers a segmentation fault that results in slapd crashing.
6 CVE-2022-0853 401 +Info 2022-03-11 2022-03-18
5.0
None Remote Low Not required None None Partial
A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client-side, when using UserTransaction repeatedly and leads to information leakage vulnerability.
7 CVE-2022-0711 835 DoS 2022-03-02 2022-05-23
5.0
None Remote Low Not required None None Partial
A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service condition. The highest threat from this vulnerability is availability.
8 CVE-2021-42781 787 Overflow 2022-04-18 2022-04-25
5.0
None Remote Low Not required None None Partial
Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library.
9 CVE-2021-42780 252 2022-04-18 2022-04-25
5.0
None Remote Low Not required None None Partial
A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library.
10 CVE-2021-42779 416 2022-04-18 2022-04-28
5.0
None Remote Low Not required None None Partial
A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid.
11 CVE-2021-42778 672 2022-04-18 2022-04-28
5.0
None Remote Low Not required None None Partial
A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo.
12 CVE-2021-41819 565 2022-01-01 2022-05-08
5.0
None Remote Low Not required None Partial None
CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.
13 CVE-2021-41817 DoS 2022-01-01 2022-05-08
5.0
None Remote Low Not required None None Partial
Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.
14 CVE-2021-40153 22 Dir. Trav. 2021-08-27 2021-10-07
5.8
None Remote Medium Not required None Partial Partial
squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination.
15 CVE-2021-31918 200 +Info 2021-05-06 2021-05-17
5.0
None Remote Low Not required Partial None None
A flaw was found in tripleo-ansible version as shipped in Red Hat Openstack 16.1. The Ansible log file is readable to all users during stack update and creation. The highest threat from this vulnerability is to data confidentiality.
16 CVE-2021-23214 89 Sql 2022-03-04 2022-03-15
5.1
None Remote High Not required Partial Partial Partial
When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption.
17 CVE-2021-20324 384 2022-04-18 2022-04-26
5.8
None Remote Medium Not required Partial Partial None
A flaw was found in WildFly Elytron. A variation to the use of a session fixation exploit when using Undertow was found despite Undertow switching the session ID after authentication.
18 CVE-2021-20289 209 2021-03-26 2022-05-10
5.0
None Remote Low Not required Partial None None
A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's parameter value. The highest threat from this vulnerability is to data confidentiality.
19 CVE-2021-20271 345 Exec Code 2021-03-26 2021-12-10
5.1
None Remote High Not required Partial Partial Partial
A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signature header was modified, to cause RPM database corruption and execute code. The highest threat from this vulnerability is to data integrity, confidentiality, and system availability.
20 CVE-2021-20270 835 DoS 2021-03-23 2021-12-10
5.0
None Remote Low Not required None None Partial
An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword.
21 CVE-2021-20267 345 DoS 2021-05-28 2021-07-12
5.5
None Remote Low ??? Partial None Partial
A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some cases possibly interception of traffic intended for other destinations. Only deployments using the Open vSwitch driver are affected. Source: OpenStack project. Versions before openstack-neutron 15.3.3, openstack-neutron 16.3.1 and openstack-neutron 17.1.1 are affected.
22 CVE-2021-20228 522 +Info 2021-04-29 2021-12-10
5.0
None Remote Low Not required Partial None None
A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.
23 CVE-2021-20222 20 Exec Code 2021-03-23 2021-05-19
5.1
None Remote High Not required Partial Partial Partial
A flaw was found in keycloak. The new account console in keycloak can allow malicious code to be executed using the referrer URL. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
24 CVE-2021-20220 444 XSS +Info 2021-02-23 2022-02-22
5.8
None Remote Medium Not required Partial Partial None
A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. The highest threat from this vulnerability is to data confidentiality and integrity.
25 CVE-2021-20218 22 Dir. Trav. 2021-03-16 2021-03-25
5.8
None Remote Medium Not required None Partial Partial
A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client `copy` command to extract files outside the working path. The highest threat from this vulnerability is to integrity and system availability. This has been fixed in kubernetes-client-4.13.2 kubernetes-client-5.0.2 kubernetes-client-4.11.2 kubernetes-client-4.7.2
26 CVE-2021-20201 400 DoS 2021-05-28 2021-06-04
5.0
None Remote Low Not required None None Partial
A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection.
27 CVE-2021-20179 863 2021-03-15 2021-03-24
5.5
None Remote Low ??? Partial Partial None
A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.
28 CVE-2021-4166 125 2021-12-25 2022-05-17
5.8
None Remote Medium Not required Partial None Partial
vim is vulnerable to Out-of-bounds Read
29 CVE-2021-4091 415 2022-02-18 2022-03-01
5.0
None Remote Low Not required None None Partial
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash.
30 CVE-2021-4047 2022-04-11 2022-04-18
5.0
None Remote Low Not required None Partial None
The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package, however the patch for CVE-2021-39242 was missing. This issue only affects Red Hat OpenShift 4.9.
31 CVE-2021-3935 89 Sql 2021-11-22 2022-03-16
5.1
None Remote High Not required Partial Partial Partial
When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate verification and encryption. This flaw affects PgBouncer versions prior to 1.16.1.
32 CVE-2021-3814 862 Bypass 2022-03-25 2022-04-07
5.0
None Remote Low Not required Partial None None
It was found that 3scale's APIdocs does not validate the access token, in the case of invalid token, it uses session auth instead. This conceivably bypasses access controls and permits unauthorized information disclosure.
33 CVE-2021-3772 354 2022-03-02 2022-05-01
5.8
None Remote Medium Not required None Partial Partial
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses.
34 CVE-2021-3698 295 2022-03-10 2022-03-14
5.0
None Remote Low Not required Partial None None
A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon (SSSD). This flaw allows client certificates to authenticate successfully, regardless of the Certificate Revocation List (CRL) configuration or the certificate status. The highest threat from this vulnerability is to confidentiality.
35 CVE-2021-3637 770 2021-07-09 2021-07-13
5.0
None Remote Low Not required None None Partial
A flaw was found in keycloak-model-infinispan in keycloak versions before 14.0.0 where authenticationSessions map in RootAuthenticationSessionEntity grows boundlessly which could lead to a DoS attack.
36 CVE-2021-3629 400 DoS 2022-05-24 2022-06-09
5.0
None Remote Low Not required None None Partial
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.40.Final and prior to 2.2.11.Final.
37 CVE-2021-3610 125 Overflow 2022-02-24 2022-03-07
5.0
None Remote Low Not required None None Partial
A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation fault.
38 CVE-2021-3580 20 DoS 2021-08-05 2021-11-26
5.0
None Remote Low Not required None None Partial
A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.
39 CVE-2021-3571 119 Overflow +Info 2021-07-09 2021-09-14
5.5
None Remote Low ??? Partial None Partial
A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker could send a crafted one-step sync message to cause an information leak or crash. The highest threat from this vulnerability is to data confidentiality and system availability. This flaw affects linuxptp versions before 3.1.1 and before 2.0.1.
40 CVE-2021-3531 20 DoS 2021-05-18 2021-05-25
5.0
None Remote Low Not required None None Partial
A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes it can cause the rgw to crash, resulting in a denial of service. The greatest threat to the system is of availability.
41 CVE-2021-3504 125 2021-05-11 2021-06-21
5.8
None Remote Medium Not required Partial None Partial
A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivex_open function. An attacker could input a specially crafted Windows Registry (hive) file which would cause hivex to read memory beyond its normal bounds or cause the program to crash. The highest threat from this vulnerability is to system availability.
42 CVE-2021-3503 2022-04-18 2022-06-09
5.0
None Remote Low Not required Partial None None
A flaw was found in Wildfly where insufficient RBAC restrictions may lead to expose metrics data.
43 CVE-2021-3445 347 Exec Code 2021-05-19 2022-02-24
5.1
None Remote High Not required Partial Partial Partial
A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into installing it. The highest risk of this vulnerability is to confidentiality, integrity, as well as system availability.
44 CVE-2021-3424 2021-06-01 2022-04-25
5.0
None Remote Low Not required None Partial None
A flaw was found in keycloak as shipped in Red Hat Single Sign-On 7.4 where IDN homograph attacks are possible. A malicious user can register himself with a name already registered and trick admin to grant him extra privileges.
45 CVE-2021-3412 307 Bypass 2021-06-01 2022-06-03
5.0
None Remote Low Not required Partial None None
It was found that all versions of 3Scale developer portal lacked brute force protections. An attacker could use this gap to bypass login controls, and access privileged information, or possibly conduct further attacks.
46 CVE-2020-36332 400 2021-05-21 2021-11-30
5.0
None Remote Low Not required None None Partial
A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an excessive amount of memory. The highest threat from this vulnerability is to the service availability.
47 CVE-2020-35518 200 +Info 2021-03-26 2021-04-01
5.0
None Remote Low Not required Partial None None
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database.
48 CVE-2020-29573 787 Overflow 2020-12-06 2021-01-26
5.0
None Remote Low Not required None None Partial
sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of "Fixed for glibc 2.33" in the 26649 reference.
49 CVE-2020-27825 362 DoS +Info 2020-12-11 2021-05-21
5.4
None Local Medium Not required Partial None Complete
A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat.
50 CVE-2020-27816 601 2020-12-02 2020-12-04
5.8
None Remote Medium Not required Partial Partial None
The elasticsearch-operator does not validate the namespace where kibana logging resource is created and due to that it is possible to replace the original openshift-logging console link (kibana console) to different one, created based on the new CR for the new kibana resource. This could lead to an arbitrary URL redirection or the openshift-logging console link damage. This flaw affects elasticsearch-operator-container versions before 4.7.
Total number of vulnerabilities: 743 (page 1 of 15)