Redhat Virtualization_host
84 CVEs affecting Redhat Virtualization_host. Latest disclosed: 2024-04-18. Critical: 5, High: 45.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2019-3888 | Critical | 9.8 | 2019-06-12 | A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeR… |
| CVE-2018-11236 | Critical | 9.8 | 2018-05-18 | stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could… |
| CVE-2018-8088 | Critical | 9.8 | 2018-03-20 | org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted d… |
| CVE-2017-7525 | Critical | 9.8 | 2018-02-06 | A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform… |
| CVE-2018-6485 | Critical | 9.8 | 2018-02-01 | An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause th… |
| CVE-2022-0435 | High | 8.8 | 2022-03-25 | A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of d… |
| CVE-2021-3656 | High | 8.8 | 2022-03-04 | A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provi… |
| CVE-2021-44142 | High | 8.8 | 2022-02-21 | The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a N… |
| CVE-2021-3621 | High | 8.8 | 2021-12-23 | A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows… |
| CVE-2019-14821 | High | 8.8 | 2019-09-19 | An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO w… |
| CVE-2018-1000805 | High | 8.8 | 2018-10-08 | Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains an Incorrect Access Control vulnerability in SSH server that can result in RCE. This… |
| CVE-2018-10929 | High | 8.8 | 2018-09-04 | A flaw was found in RPC request using gfs2_create_req in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute… |
| CVE-2018-10928 | High | 8.8 | 2018-09-04 | A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volu… |
| CVE-2018-10926 | High | 8.8 | 2018-09-04 | A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrar… |
| CVE-2018-10907 | High | 8.8 | 2018-09-04 | It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers u… |
| CVE-2018-10904 | High | 8.8 | 2018-09-04 | It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats… |
| CVE-2018-10873 | High | 8.3 | 2018-08-17 | A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. A malic… |
| CVE-2020-25717 | High | 8.1 | 2022-02-18 | A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation. |
| CVE-2018-18559 | High | 8.1 | 2018-10-22 | In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This i… |
| CVE-2018-10927 | High | 8.1 | 2018-09-04 | A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. An authenticated attacker could use this flaw to leak information and execute remote… |