Filtered by vendor Redhat
Subscribe
Total
5151 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-0171 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2022-12-02 | N/A | 5.5 MEDIUM |
A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV). | |||||
CVE-2020-10737 | 1 Redhat | 1 Oddjob | 2022-12-02 | 3.7 LOW | 6.3 MEDIUM |
A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the homedir path. This flaw allows an attacker to leverage this issue by creating a symlink point to a target folder, which then has its ownership transferred to the new home directory's unprivileged user. | |||||
CVE-2021-3948 | 2 Konveyor, Redhat | 3 Mig-controller, Enterprise Linux, Migration Toolkit | 2022-12-02 | 6.5 MEDIUM | 6.3 MEDIUM |
An incorrect default permissions vulnerability was found in the mig-controller. Due to an incorrect cluster namespaces handling an attacker may be able to migrate a malicious workload to the target cluster, impacting confidentiality, integrity, and availability of the services located on that cluster. | |||||
CVE-2019-3837 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2022-12-02 | 4.9 MEDIUM | 6.1 MEDIUM |
It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg() for the same network socket in parallel executed on ioatdma-enabled hardware with net_dma enabled can leak the memory, crash the host leading to a denial-of-service or cause a random memory corruption. | |||||
CVE-2022-3821 | 3 Fedoraproject, Redhat, Systemd Project | 3 Fedora, Enterprise Linux, Systemd | 2022-12-02 | N/A | 5.5 MEDIUM |
An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service. | |||||
CVE-2022-2625 | 3 Fedoraproject, Postgresql, Redhat | 3 Fedora, Postgresql, Enterprise Linux | 2022-12-02 | N/A | 8.0 HIGH |
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser. | |||||
CVE-2020-35501 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2022-12-02 | 3.6 LOW | 3.4 LOW |
A flaw was found in the Linux kernels implementation of audit rules, where a syscall can unexpectedly not be correctly not be logged by the audit subsystem | |||||
CVE-2021-4091 | 2 Port389, Redhat | 8 389-ds-base, Enterprise Linux Desktop, Enterprise Linux For Ibm Z Systems and 5 more | 2022-12-02 | 5.0 MEDIUM | 7.5 HIGH |
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash. | |||||
CVE-2021-26252 | 3 Fedoraproject, Htmldoc Project, Redhat | 3 Fedora, Htmldoc, Enterprise Linux | 2022-12-02 | 6.8 MEDIUM | 7.8 HIGH |
A flaw was found in htmldoc in v1.9.12. Heap buffer overflow in pspdf_prepare_page(),in ps-pdf.cxx may lead to execute arbitrary code and denial of service. | |||||
CVE-2019-14379 | 7 Apple, Debian, Fasterxml and 4 more | 25 Xcode, Debian Linux, Jackson-databind and 22 more | 2022-12-02 | 7.5 HIGH | 9.8 CRITICAL |
SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution. | |||||
CVE-2022-4116 | 2 Quarkus, Redhat | 2 Quarkus, Build Of Quarkus | 2022-12-02 | N/A | 9.8 CRITICAL |
A vulnerability was found in quarkus. This security flaw happens in Dev UI Config Editor which is vulnerable to drive-by localhost attacks leading to remote code execution. | |||||
CVE-2022-0485 | 1 Redhat | 2 Enterprise Linux, Libnbd | 2022-12-01 | N/A | 4.8 MEDIUM |
A flaw was found in the copying tool `nbdcopy` of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating the completion of an asynchronous command as successful, rather than checking the *error parameter. This could result in the silent creation of a corrupted destination image. | |||||
CVE-2020-35509 | 1 Redhat | 1 Keycloak | 2022-12-01 | N/A | 5.4 MEDIUM |
A flaw was found in keycloak affecting versions 11.0.3 and 12.0.0. An expired certificate would be accepted by the direct-grant authenticator because of missing time stamp validations. The highest threat from this vulnerability is to data confidentiality and integrity. | |||||
CVE-2019-3893 | 2 Redhat, Theforeman | 2 Satellite, Foreman | 2022-11-30 | 4.0 MEDIUM | 4.9 MEDIUM |
In Foreman it was discovered that the delete compute resource operation, when executed from the Foreman API, leads to the disclosure of the plaintext password or token for the affected compute resource. A malicious user with the "delete_compute_resource" permission can use this flaw to take control over compute resources managed by foreman. Versions before 1.20.3, 1.21.1, 1.22.0 are vulnerable. | |||||
CVE-2019-14842 | 1 Redhat | 1 Libnbd | 2022-11-30 | 7.5 HIGH | 9.8 CRITICAL |
Structured reply is a feature of the newstyle NBD protocol allowing the server to send a reply in chunks. A bounds check which was supposed to test for chunk offsets smaller than the beginning of the request did not work because of signed/unsigned confusion. If one of these chunks contains a negative offset then data under control of the server is written to memory before the read buffer supplied by the client. If the read buffer is located on the stack then this allows the stack return address from nbd_pread() to be trivially modified, allowing arbitrary code execution under the control of the server. If the buffer is located on the heap then other memory objects before the buffer can be overwritten, which again would usually lead to arbitrary code execution. | |||||
CVE-2019-10171 | 2 Fedoraproject, Redhat | 2 389 Directory Server, Enterprise Linux Server Eus | 2022-11-30 | 7.8 HIGH | 7.5 HIGH |
It was found that the fix for CVE-2018-14648 in 389-ds-base, versions 1.4.0.x before 1.4.0.17, was incorrectly applied in RHEL 7.5. An attacker would still be able to provoke excessive CPU consumption leading to a denial of service. | |||||
CVE-2021-3827 | 1 Redhat | 4 Enterprise Linux, Keycloak, Openshift Container Platform and 1 more | 2022-11-30 | N/A | 6.8 MEDIUM |
A flaw was found in keycloak, where the default ECP binding flow allows other authentication flows to be bypassed. By exploiting this behavior, an attacker can bypass the MFA authentication by sending a SOAP request with an AuthnRequest and Authorization header with the user's credentials. The highest threat from this vulnerability is to confidentiality and integrity. | |||||
CVE-2021-35938 | 3 Fedoraproject, Redhat, Rpm | 3 Fedora, Enterprise Linux, Rpm | 2022-11-29 | N/A | 6.7 MEDIUM |
A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
CVE-2021-3623 | 3 Fedoraproject, Libtpms Project, Redhat | 3 Fedora, Libtpms, Enterprise Linux | 2022-11-29 | 3.6 LOW | 6.1 MEDIUM |
A flaw was found in libtpms. The flaw can be triggered by specially-crafted TPM 2 command packets containing illegal values and may lead to an out-of-bounds access when the volatile state of the TPM 2 is marshalled/written or unmarshalled/read. The highest threat from this vulnerability is to system availability. | |||||
CVE-2020-1712 | 3 Debian, Redhat, Systemd Project | 7 Debian Linux, Ceph Storage, Discovery and 4 more | 2022-11-29 | 4.6 MEDIUM | 7.8 HIGH |
A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages. |