Vulnerabilities > Redhat

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-09	CVE-2019-3887	Incorrect Authorization vulnerability in multiple products A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. local high complexity linux fedoraproject canonical redhat CWE-863	5.6
2019-04-09	CVE-2019-3880	Path Traversal vulnerability in multiple products A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. network low complexity samba debian redhat fedoraproject opensuse CWE-22	5.4
2019-04-09	CVE-2019-0757	A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'. network low complexity microsoft mono-project redhat	4.0
2019-04-08	CVE-2019-0217	Race Condition vulnerability in multiple products In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. network high complexity apache debian fedoraproject canonical redhat opensuse netapp oracle CWE-362	7.5
2019-04-07	CVE-2019-10906	In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape. network low complexity palletsprojects fedoraproject canonical redhat opensuse	8.6
2019-04-05	CVE-2019-10876	An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. network low complexity openstack redhat	4.0
2019-04-04	CVE-2019-3886	Missing Authorization vulnerability in multiple products An incorrect permissions check was discovered in libvirt 4.8.0 and above. low complexity redhat opensuse fedoraproject CWE-862	5.4
2019-04-01	CVE-2019-3876	Cross-Site Request Forgery (CSRF) vulnerability in Redhat Openshift Container Platform A flaw was found in the /oauth/token/request custom endpoint of the OpenShift OAuth server allowing for XSS generation of CLI tokens due to missing X-Frame-Options and CSRF protections. network low complexity redhat CWE-352	6.3
2019-04-01	CVE-2019-1002101	Link Following vulnerability in multiple products The kubectl cp command allows copying files between containers and the user machine. local low complexity kubernetes redhat CWE-59	5.5
2019-04-01	CVE-2019-1002100	Allocation of Resources Without Limits or Throttling vulnerability in multiple products In all Kubernetes versions prior to v1.11.8, v1.12.6, and v1.13.4, users that are authorized to make patch requests to the Kubernetes API Server can send a specially crafted patch of type "json-patch" (e.g. network low complexity kubernetes redhat CWE-770	6.5

Vulnerabilities > Redhat {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Redhat"}]}

Vulnerabilities > Redhat