Vulnerabilities > Redhat > Storage > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-11-03 CVE-2023-3961 Path Traversal vulnerability in multiple products
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory.
network
low complexity
samba redhat fedoraproject CWE-22
critical
9.8
2022-03-21 CVE-2022-26148 Cleartext Storage of Sensitive Information vulnerability in multiple products
An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix.
network
low complexity
grafana redhat CWE-312
critical
9.8
2012-10-22 CVE-2012-4406 Deserialization of Untrusted Data vulnerability in multiple products
OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object.
network
low complexity
openstack fedoraproject redhat CWE-502
critical
9.8
2012-05-11 CVE-2012-1823 sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.
network
low complexity
php fedoraproject debian hp opensuse suse apple redhat
critical
9.8