Vulnerabilities in RED HAT

1478 results
CVE-2012-5571 | MEDIUM | Openstack keystone: openstack keystone: authorization bypass via improper ec2 token handling | EPSS 2.0%
CVE-2024-8698 | HIGH | Keycloak-saml-core: improper verification of saml responses leading to privilege escalation in keycloak | EPSS 2.0%
CVE-2020-1695 | HIGH | A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final and all resteasy 4.x.x versions prior to 4.6.0.Final, where an imprope | EPSS 2.0%
CVE-2023-5157 | HIGH | Mariadb: node crashes with transport endpoint is not connected mysqld got signal 6 | EPSS 2.0%
CVE-2024-0565 | MEDIUM | Kernel: cifs filesystem decryption improper input validation remote code execution vulnerability in function receive_encrypted_standard of client | EPSS 2.0%
CVE-2019-14862 | MEDIUM | There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application | EPSS 2.0%
CVE-2020-10700 | MEDIUM | A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control. A m | EPSS 2.0%
CVE-2024-8883 | MEDIUM | Keycloak: vulnerable redirect uri validation results in open redirec | EPSS 2.0%
CVE-2019-10158 | MEDIUM | A flaw was found in Infinispan through version 9.4.14.Final. An improper implementation of the session fixation protection in the Spring Ses | EPSS 2.0%
CVE-2018-14632 | HIGH | An out of bound write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform before | EPSS 1.9%
CVE-2016-8653 | MEDIUM | It was found that the JMX endpoint of Red Hat JBoss Fuse 6, and Red Hat A-MQ 6 deserializes the credentials passed to it. An attacker could | EPSS 1.9%
CVE-2019-10135 | HIGH | A flaw was found in the yaml.load() function in the osbs-client versions since 0.46 before 0.56.1. Insecure use of the yaml.load() function | EPSS 1.9%
CVE-2018-10924 | MEDIUM | It was discovered that fsync(2) system call in glusterfs client code leaks memory. An authenticated attacker could use this flaw to launch a | EPSS 1.9%
CVE-2024-3653 | MEDIUM | Undertow: learningpushhandler can lead to remote memory dos attacks | EPSS 1.9%
CVE-2017-12165 | LOW | It was discovered that Undertow before 1.4.17, 1.3.31 and 2.0.0 processes http request headers with unusual whitespaces which can cause poss | EPSS 1.9%
CVE-2019-14864 | MEDIUM | Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it | EPSS 1.9%
CVE-2017-2646 | HIGH | It was found that when Keycloak before 2.5.5 receives a Logout request with a Extensions in the middle of the request, the SAMLSloRequestPar | EPSS 1.9%
CVE-2018-10935 | MEDIUM | A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort. | EPSS 1.8%
CVE-2017-7543 | MEDIUM | A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10 | EPSS 1.8%
CVE-2024-31083 | HIGH | Xorg-x11-server: use-after-free in procrenderaddglyphs | EPSS 1.8%