Redhat Storage
15 CVEs affecting Redhat Storage. Latest disclosed: 2023-12-18. Critical: 1, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2012-4406 | Critical | 9.8 | 2012-10-22 | OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, whic… |
CVE-2012-0247 | High | 8.8 | 2012-06-05 | ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset… |
CVE-2011-3045 | High | 8.8 | 2012-03-22 | Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other product… |
CVE-2014-0224 | High | 7.4 | 2014-06-05 | OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-th… |
CVE-2012-0037 | Medium | 6.5 | 2012-06-17 | Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allow… |
CVE-2012-1798 | Medium | 6.5 | 2012-06-05 | The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and… |
CVE-2012-0260 | Medium | 6.5 | 2012-06-05 | The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a… |
CVE-2023-48795 | Medium | 5.9 | 2023-12-18 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks… |
CVE-2012-0248 | Medium | 5.5 | 2012-06-05 | ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags t… |
CVE-2014-3470 | | 2014-06-05 | The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher… | |
CVE-2014-0221 | | 2014-06-05 | The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a… | |
CVE-2012-0876 | | 2012-07-03 | The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows con… | |
CVE-2012-1938 | | 2012-06-05 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote atta… | |
CVE-2012-0053 | | 2012-01-28 | protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error docu… | |
CVE-2012-0031 | | 2012-01-18 | scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have… |