Filtered by vendor Redhat
Subscribe
Search
Total
4673 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-40370 | 3 Ibm, Microsoft, Redhat | 4 Robotic Process Automation, Robotic Process Automation For Cloud Pak, Windows and 1 more | 2023-08-26 | N/A | 5.3 MEDIUM |
| IBM Robotic Process Automation 21.0.0 through 21.0.7.1 runtime is vulnerable to information disclosure of script content if the remote REST request computer policy is enabled. IBM X-Force ID: 263470. | |||||
| CVE-2023-38733 | 3 Ibm, Microsoft, Redhat | 3 Robotic Process Automation, Windows, Openshift | 2023-08-26 | N/A | 4.3 MEDIUM |
| IBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 server could allow an authenticated user to view sensitive information from installation logs. IBM X-Force Id: 262293. | |||||
| CVE-2023-38732 | 3 Ibm, Microsoft, Redhat | 4 Robotic Process Automation, Robotic Process Automation For Cloud Pak, Windows and 1 more | 2023-08-26 | N/A | 4.3 MEDIUM |
| IBM Robotic Process Automation 21.0.0 through 21.0.7 server could allow an authenticated user to view sensitive information from application logs. IBM X-Force ID: 262289. | |||||
| CVE-2023-4456 | 1 Redhat | 1 Openshift Logging | 2023-08-25 | N/A | 6.5 MEDIUM |
| A flaw was found in openshift-logging LokiStack. The key used for caching is just the token, which is too broad. This issue allows a user with a token valid for one action to execute other actions as long as the authorization allowing the original action is still cached. | |||||
| CVE-2023-32573 | 2 Qt, Redhat | 2 Qt, Enterprise Linux | 2023-08-23 | N/A | 6.5 MEDIUM |
| In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled. | |||||
| CVE-2022-40982 | 5 Debian, Intel, Netapp and 2 more | 1052 Debian Linux, Celeron 5205u, Celeron 5205u Firmware and 1049 more | 2023-08-22 | N/A | 6.5 MEDIUM |
| Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2023-4194 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2023-08-19 | N/A | 5.5 MEDIUM |
| A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits - a096ccca6e50 ("tun: tun_chr_open(): correctly initialize socket uid"), - 66b2c338adce ("tap: tap_open(): correctly initialize socket uid"), pass "inode->i_uid" to sock_init_data_uid() as the last parameter and that turns out to not be accurate. | |||||
| CVE-2023-4273 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2023-08-19 | N/A | 6.7 MEDIUM |
| A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack. | |||||
| CVE-2023-2977 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2023-08-17 | N/A | 7.1 HIGH |
| A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible. | |||||
| CVE-2023-3618 | 3 Debian, Libtiff, Redhat | 3 Debian Linux, Libtiff, Enterprise Linux | 2023-08-16 | N/A | 6.5 MEDIUM |
| A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service. | |||||
| CVE-2018-14468 | 7 Apple, Debian, F5 and 4 more | 23 Mac Os X, Debian Linux, Big-ip Access Policy Manager and 20 more | 2023-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print(). | |||||
| CVE-2018-14462 | 7 Apple, Debian, F5 and 4 more | 7 Mac Os X, Debian Linux, Traffix Signaling Delivery Controller and 4 more | 2023-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print(). | |||||
| CVE-2018-14465 | 7 Apple, Debian, F5 and 4 more | 7 Mac Os X, Debian Linux, Traffix Signaling Delivery Controller and 4 more | 2023-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). | |||||
| CVE-2018-14469 | 7 Apple, Debian, F5 and 4 more | 7 Mac Os X, Debian Linux, Traffix Signaling Delivery Controller and 4 more | 2023-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print(). | |||||
| CVE-2019-11477 | 5 Canonical, F5, Linux and 2 more | 24 Ubuntu Linux, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 21 more | 2023-08-16 | 7.8 HIGH | 7.5 HIGH |
| Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff. | |||||
| CVE-2018-14879 | 7 Apple, Debian, F5 and 4 more | 7 Mac Os X, Debian Linux, Traffix Signaling Delivery Controller and 4 more | 2023-08-16 | 5.1 MEDIUM | 7.0 HIGH |
| The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file(). | |||||
| CVE-2019-11478 | 5 Canonical, F5, Linux and 2 more | 24 Ubuntu Linux, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 21 more | 2023-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e. | |||||
| CVE-2018-14463 | 7 Apple, Debian, F5 and 4 more | 7 Mac Os X, Debian Linux, Traffix Signaling Delivery Controller and 4 more | 2023-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167. | |||||
| CVE-2018-16229 | 7 Apple, Debian, F5 and 4 more | 7 Mac Os X, Debian Linux, Traffix Signaling Delivery Controller and 4 more | 2023-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option(). | |||||
| CVE-2019-11479 | 4 Canonical, F5, Linux and 1 more | 21 Ubuntu Linux, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 18 more | 2023-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363. | |||||
| CVE-2018-14882 | 7 Apple, Debian, F5 and 4 more | 7 Mac Os X, Debian Linux, Traffix Signaling Delivery Controller and 4 more | 2023-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. | |||||
| CVE-2018-14880 | 7 Apple, Debian, F5 and 4 more | 23 Mac Os X, Debian Linux, Big-ip Access Policy Manager and 20 more | 2023-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr(). | |||||
| CVE-2019-19921 | 5 Canonical, Debian, Linuxfoundation and 2 more | 5 Ubuntu Linux, Debian Linux, Runc and 2 more | 2023-08-16 | 4.4 MEDIUM | 7.0 HIGH |
| runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.) | |||||
| CVE-2023-27561 | 3 Debian, Linuxfoundation, Redhat | 4 Debian Linux, Runc, Enterprise Linux and 1 more | 2023-08-16 | N/A | 7.0 HIGH |
| runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression. | |||||
| CVE-2023-3347 | 3 Fedoraproject, Redhat, Samba | 4 Fedora, Enterprise Linux, Storage and 1 more | 2023-08-15 | N/A | 5.9 MEDIUM |
| A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured "server signing = required" or for SMB2 connections to Domain Controllers where SMB2 packet signing is mandatory. This flaw allows an attacker to perform attacks, such as a man-in-the-middle attack, by intercepting the network traffic and modifying the SMB2 messages between client and server, affecting the integrity of the data. | |||||
| CVE-2023-0264 | 1 Redhat | 6 Enterprise Linux, Keycloak, Openshift Container Platform and 3 more | 2023-08-14 | N/A | 5.0 MEDIUM |
| A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, integrity, and availability. | |||||
| CVE-2023-32627 | 3 Fedoraproject, Redhat, Sox Project | 4 Extra Packages For Enterprise Linux, Fedora, Enterprise Linux and 1 more | 2023-08-13 | N/A | 5.5 MEDIUM |
| A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service. | |||||
| CVE-2019-11811 | 3 Linux, Opensuse, Redhat | 9 Linux Kernel, Leap, Enterprise Linux and 6 more | 2023-08-11 | 6.9 MEDIUM | 7.0 HIGH |
| An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c. | |||||
| CVE-2021-3609 | 3 Linux, Netapp, Redhat | 43 Linux Kernel, H300e, H300e Firmware and 40 more | 2023-08-11 | 6.9 MEDIUM | 7.0 HIGH |
| .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root. | |||||
| CVE-2018-10878 | 4 Canonical, Debian, Linux and 1 more | 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more | 2023-08-11 | 6.1 MEDIUM | 7.8 HIGH |
| A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image. | |||||
| CVE-2018-16884 | 4 Canonical, Debian, Linux and 1 more | 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more | 2023-08-11 | 6.7 MEDIUM | 8.0 HIGH |
| A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. | |||||
| CVE-2023-0179 | 4 Canonical, Fedoraproject, Linux and 1 more | 14 Ubuntu Linux, Fedora, Linux Kernel and 11 more | 2023-08-11 | N/A | 7.8 HIGH |
| A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution. | |||||
| CVE-2023-4133 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2023-08-08 | N/A | 5.5 MEDIUM |
| A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of service condition. | |||||
| CVE-2021-41817 | 6 Debian, Fedoraproject, Opensuse and 3 more | 9 Debian Linux, Fedora, Factory and 6 more | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1. | |||||
| CVE-2022-43922 | 2 Ibm, Redhat | 2 App Connect Enterprise Certified Container, Openshift | 2023-08-08 | N/A | 6.5 MEDIUM |
| IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration. IBM X-Force ID: 241583. | |||||
| CVE-2022-1949 | 3 Fedoraproject, Port389, Redhat | 4 Fedora, 389-ds-base, Directory Server and 1 more | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| An access control bypass vulnerability found in 389-ds-base. That mishandling of the filter that would yield incorrect results, but as that has progressed, can be determined that it actually is an access control bypass. This may allow any remote unauthenticated user to issue a filter that allows searching for database items they do not have access to, including but not limited to potentially userPassword hashes and other sensitive data. | |||||
| CVE-2022-42442 | 2 Ibm, Redhat | 2 Robotic Process Automation For Cloud Pak, Openshift Container Platform | 2023-08-08 | N/A | 3.3 LOW |
| IBM Robotic Process Automation for Cloud Pak 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is vulnerable to exposure of the first tenant owner e-mail address to users with access to the container platform. IBM X-Force ID: 238214. | |||||
| CVE-2022-27191 | 3 Fedoraproject, Golang, Redhat | 5 Extra Packages For Enterprise Linux, Fedora, Ssh and 2 more | 2023-08-08 | 4.3 MEDIUM | 7.5 HIGH |
| The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey. | |||||
| CVE-2021-1081 | 7 Citrix, Linux, Microsoft and 4 more | 7 Hypervisor, Linux Kernel, Windows and 4 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior 8.7). | |||||
| CVE-2022-0996 | 2 Fedoraproject, Redhat | 3 Fedora, 389 Directory Server, Enterprise Linux | 2023-08-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication. | |||||
| CVE-2022-28796 | 4 Fedoraproject, Linux, Netapp and 1 more | 24 Fedora, Linux Kernel, Active Iq Unified Manager and 21 more | 2023-08-08 | 6.9 MEDIUM | 7.0 HIGH |
| jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition. | |||||
| CVE-2021-1083 | 6 Citrix, Linux, Microsoft and 3 more | 6 Hypervisor, Linux Kernel, Windows and 3 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x (prior to 12.2) and version 11.x (prior to 11.4). | |||||
| CVE-2021-1058 | 7 Citrix, Linux, Microsoft and 4 more | 7 Hypervisor, Linux Kernel, Windows and 4 more | 2023-08-08 | 3.6 LOW | 7.1 HIGH |
| NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input data size is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3). | |||||
| CVE-2022-4116 | 2 Quarkus, Redhat | 2 Quarkus, Build Of Quarkus | 2023-08-08 | N/A | 9.8 CRITICAL |
| A vulnerability was found in quarkus. This security flaw happens in Dev UI Config Editor which is vulnerable to drive-by localhost attacks leading to remote code execution. | |||||
| CVE-2021-1062 | 5 Citrix, Nutanix, Nvidia and 2 more | 5 Hypervisor, Ahv, Virtual Gpu Manager and 2 more | 2023-08-08 | 3.6 LOW | 7.1 HIGH |
| NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3). | |||||
| CVE-2021-1082 | 5 Citrix, Nutanix, Nvidia and 2 more | 5 Hypervisor, Ahv, Virtual Gpu Manager and 2 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior to 8.7) | |||||
| CVE-2023-4010 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2023-08-04 | N/A | 4.6 MEDIUM |
| A flaw was found in the USB Host Controller Driver framework in the Linux kernel. The usb_giveback_urb function has a logic loophole in its implementation. Due to the inappropriate judgment condition of the goto statement, the function cannot return under the input of a specific malformed descriptor file, so it falls into an endless loop, resulting in a denial of service. | |||||
| CVE-2023-3384 | 1 Redhat | 1 Quay | 2023-08-02 | N/A | 5.4 MEDIUM |
| A flaw was found in the Quay registry. While the image labels created through Quay undergo validation both in the UI and backend by applying a regex (validation.py), the same validation is not performed when the label comes from an image. This flaw allows an attacker to publish a malicious image to a public registry containing a script that can be executed via Cross-site scripting (XSS). | |||||
| CVE-2023-1055 | 2 Fedoraproject, Redhat | 2 Fedora, Directory Server | 2023-08-02 | N/A | 5.5 MEDIUM |
| A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes and display the hashed passwords. The highest threat from this vulnerability is to data confidentiality. | |||||
| CVE-2023-2156 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2023-08-02 | N/A | 7.5 HIGH |
| A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the system. | |||||