Filtered by vendor Redhat
Subscriptions
Filtered by product Virtualization
Subscriptions
Total
128 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-5973 | 3 Debian, Qemu, Redhat | 5 Debian Linux, Qemu, Enterprise Linux and 2 more | 2024-08-05 | 5.5 Medium |
The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence. | ||||
CVE-2018-1000180 | 5 Bouncycastle, Debian, Netapp and 2 more | 24 Fips Java Api, Legion-of-the-bouncy-castle-java-crytography-api, Debian Linux and 21 more | 2024-08-05 | N/A |
Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 beta 4 and later, BC-FJA 1.0.2 and later. | ||||
CVE-2018-17958 | 4 Canonical, Debian, Qemu and 1 more | 8 Ubuntu Linux, Debian Linux, Qemu and 5 more | 2024-08-05 | 7.5 High |
Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used. | ||||
CVE-2018-17963 | 4 Canonical, Debian, Qemu and 1 more | 8 Ubuntu Linux, Debian Linux, Qemu and 5 more | 2024-08-05 | 9.8 Critical |
qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. | ||||
CVE-2018-16881 | 3 Debian, Redhat, Rsyslog | 14 Debian Linux, Enterprise Linux, Enterprise Linux Desktop and 11 more | 2024-08-05 | 7.5 High |
A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable. | ||||
CVE-2018-14659 | 2 Debian, Redhat | 7 Debian Linux, Enterprise Linux, Enterprise Linux Server and 4 more | 2024-08-05 | 6.5 Medium |
The Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable to a denial of service attack via use of the 'GF_XATTR_IOSTATS_DUMP_KEY' xattr. A remote, authenticated attacker could exploit this by mounting a Gluster volume and repeatedly calling 'setxattr(2)' to trigger a state dump and create an arbitrary number of files in the server's runtime directory. | ||||
CVE-2018-14654 | 2 Debian, Redhat | 8 Debian Linux, Enterprise Linux, Enterprise Linux Server and 5 more | 2024-08-05 | 6.5 Medium |
The Gluster file system through version 4.1.4 is vulnerable to abuse of the 'features/index' translator. A remote attacker with access to mount volumes could exploit this via the 'GF_XATTROP_ENTRY_IN_KEY' xattrop to create arbitrary, empty files on the target server. | ||||
CVE-2018-14661 | 3 Debian, Gluster, Redhat | 7 Debian Linux, Glusterfs, Enterprise Linux and 4 more | 2024-08-05 | 6.5 Medium |
It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service. | ||||
CVE-2018-14660 | 3 Debian, Gluster, Redhat | 7 Debian Linux, Glusterfs, Enterprise Linux and 4 more | 2024-08-05 | 6.5 Medium |
A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote, authenticated attacker could use this flaw to create multiple locks for single inode by using setxattr repetitively resulting in memory exhaustion of glusterfs server node. | ||||
CVE-2018-13405 | 6 Canonical, Debian, F5 and 3 more | 34 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 31 more | 2024-08-05 | 7.8 High |
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID. | ||||
CVE-2018-11806 | 4 Canonical, Debian, Qemu and 1 more | 12 Ubuntu Linux, Debian Linux, Qemu and 9 more | 2024-08-05 | 8.2 High |
m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams. | ||||
CVE-2018-10915 | 4 Canonical, Debian, Postgresql and 1 more | 12 Ubuntu Linux, Debian Linux, Postgresql and 9 more | 2024-08-05 | N/A |
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction. Postgresql versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 are affected. | ||||
CVE-2018-10930 | 4 Debian, Gluster, Opensuse and 1 more | 8 Debian Linux, Glusterfs, Leap and 5 more | 2024-08-05 | 6.5 Medium |
A flaw was found in RPC request using gfs3_rename_req in glusterfs server. An authenticated attacker could use this flaw to write to a destination outside the gluster volume. | ||||
CVE-2018-10908 | 2 Ovirt, Redhat | 3 Vdsm, Enterprise Linux, Virtualization | 2024-08-05 | N/A |
It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. By uploading a specially crafted image, an attacker could cause the qemu-img process to consume unbounded amounts of memory of CPU time, causing a denial of service condition that could potentially impact other users of the host. | ||||
CVE-2018-10897 | 2 Redhat, Rpm | 6 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Server and 3 more | 2024-08-05 | 8.1 High |
A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected. | ||||
CVE-2018-10875 | 4 Canonical, Debian, Redhat and 1 more | 12 Ubuntu Linux, Debian Linux, Ansible Engine and 9 more | 2024-08-05 | 7.8 High |
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code. | ||||
CVE-2018-10862 | 1 Redhat | 8 Enterprise Linux, Jboss Data Grid, Jboss Enterprise Application Platform and 5 more | 2024-08-05 | N/A |
WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of crafted .war archives to overwrite arbitrary files. This is an instance of the 'Zip Slip' vulnerability. | ||||
CVE-2018-10855 | 3 Canonical, Debian, Redhat | 8 Ubuntu Linux, Debian Linux, Ansible Engine and 5 more | 2024-08-05 | 5.9 Medium |
Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible. | ||||
CVE-2018-10873 | 4 Canonical, Debian, Redhat and 1 more | 12 Ubuntu Linux, Debian Linux, Enterprise Linux and 9 more | 2024-08-05 | N/A |
A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. A malicious client or server, after authentication, could send specially crafted messages to its peer which would result in a crash or, potentially, other impacts. | ||||
CVE-2018-10874 | 1 Redhat | 5 Ansible Engine, Enterprise Linux, Openstack and 2 more | 2024-08-05 | N/A |
In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result. |