Vulnerabilities in RED HAT
1,478 results

CVE-2018-1114 | MEDIUM | EPSS 2.3% | It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cause file de
CVE-2024-7387 | CRITICAL | EPSS 2.3% | Openshift/builder: path traversal allows command injection in privileged buildcontainer using docker build strategy
CVE-2016-8626 | MEDIUM | EPSS 2.3% | A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker
CVE-2019-14861 | MEDIUM | EPSS 2.3% | All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RPC
CVE-2023-6710 | MEDIUM | EPSS 2.2% | Mod_cluster/mod_proxy_cluster: stored cross site scripting
CVE-2024-12087 | MEDIUM | EPSS 2.2% | Rsync: path traversal vulnerability in rsync
CVE-2016-7071 | HIGH | EPSS 2.2% | It was found that the CloudForms before 5.6.2.2, and 5.7.0.7 did not properly apply permissions controls to VM IDs passed by users. A remote
CVE-2023-52356 | HIGH | EPSS 2.2% | Libtiff: segment fault in libtiff in tiffreadrgbatileext() leading to denial of service
CVE-2022-3874 | HIGH | EPSS 2.2% | Os command injection via ct_command and fcct_command
CVE-2025-9784 | HIGH | EPSS 2.2% | Undertow: undertow madeyoureset http/2 ddos vulnerability
CVE-2023-6200 | HIGH | EPSS 2.1% | Kernel: icmpv6 router advertisement packets, aka linux tcp/ip remote code execution vulnerability
CVE-2019-14888 | HIGH | EPSS 2.1% | A vulnerability was found in the Undertow HTTP server in versions before 2.0.28.SP1 when listening on HTTPS. An attacker can target the HTTP
CVE-2018-14642 | MEDIUM | EPSS 2.1% | An information leak vulnerability was found in Undertow. If all headers are not written out in the first write() call then the code that han
CVE-2018-10930 | MEDIUM | EPSS 2.1% | A flaw was found in RPC request using gfs3_rename_req in glusterfs server. An authenticated attacker could use this flaw to write to a desti
CVE-2023-6816 | CRITICAL | EPSS 2.1% | Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer
CVE-2012-4550 | MEDIUM | EPSS 2.1% | Jboss enterprise application platform: jboss eap: jbeap: jboss enterprise application platform: unauthorized ejb access via authorization module bypass
CVE-2018-10913 | LOW | EPSS 2.1% | An information disclosure vulnerability was discovered in glusterfs server. An attacker could issue a xattr request via glusterfs FUSE to de
CVE-2024-3183 | HIGH | EPSS 2.1% | Freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force
CVE-2011-2920 | MEDIUM | EPSS 2.0% | Spacewalk: spacewalk: cross-site scripting vulnerability allows arbitrary web script execution.
CVE-2023-3223 | HIGH | EPSS 2.0% | Undertow: outofmemoryerror due to @multipartconfig handling