Vulnerabilities > Redhat > Software Collections
| DATE | CVE | VULNERABILITY TITLE | RISK |
| --- | --- | --- | --- |
| 2022-08-24 | CVE-2021-4189 | Unchecked Return Value vulnerability in multiple products. A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. [network; low complexity; python, debian, redhat, netapp; CWE-252] | 5.3 |
| 2022-03-04 | CVE-2021-3656 | Missing Authorization vulnerability in multiple products. A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. [local; low complexity; linux, fedoraproject, redhat; CWE-862] | 8.8 |
| 2022-03-04 | CVE-2021-23214 | When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. [network; high complexity; postgresql, fedoraproject, redhat] | 8.1 |
| 2022-03-02 | CVE-2021-3677 | A flaw was found in postgresql. [network; low complexity; postgresql, redhat, fedoraproject] | 6.5 |
| 2022-03-02 | CVE-2022-0711 | Infinite Loop vulnerability in multiple products. A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. [network; low complexity; haproxy, redhat, debian; CWE-835] | 7.5 |
| 2022-01-01 | CVE-2021-41819 | Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products. CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. [network; low complexity; ruby-lang, redhat, debian, suse, opensuse, fedoraproject; CWE-565] | 7.5 |
| 2022-01-01 | CVE-2021-41817 | Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. [network; low complexity; ruby-lang, redhat, fedoraproject, debian, suse, opensuse] | 7.5 |
| 2021-12-14 | CVE-2021-4104 | Deserialization of Untrusted Data vulnerability in multiple products. JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. [network; high complexity; apache, fedoraproject, redhat, oracle; CWE-502] | 7.5 |
| 2021-10-04 | CVE-2021-32672 | Out-of-bounds Read vulnerability in multiple products. Redis is an open source, in-memory database that persists on disk. [network; low complexity; redis, redhat, debian, fedoraproject, netapp, oracle; CWE-125] | 4.3 |
| 2021-06-01 | CVE-2021-32027 | A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. [network; low complexity; postgresql, redhat] | 8.8 |