redhat/amq_online Vulnerability Summary
Vendor name: redhat
Product name: amq_online
Total vulnerabilities: 2 (as of 2023-05-04)
redhat/amq_online Vulnerability List
CVE-2020-14348: It was found in AMQ Online before 1.5.2 that injecting an invalid field to a user’s AddressSpace…
Published: 2020-09-16T18:15:00
Last Modified: 2020-09-23T16:58:00
Summary
It was found in AMQ Online before 1.5.2 that injecting an invalid field to a user’s AddressSpace configuration of the user namespace puts AMQ Online in an inconsistent state, where the AMQ Online components do not operate properly, such as the failure of provisioning and the failure of creating addresses, though this does not impact upon already existing messaging clients or brokers.
redhat/amq Vulnerability Summary
Vendor name: redhat
Product name: amq
Total vulnerabilities: 7 (as of 2023-05-04)
redhat/amq Vulnerability List
CVE-2020-14348: It was found in AMQ Online before 1.5.2 that injecting an invalid field to a user’s AddressSpace…
Published: 2020-09-16T18:15:00
Last Modified: 2020-09-23T16:58:00
Summary
It was found in AMQ Online before 1.5.2 that injecting an invalid field to a user’s AddressSpace configuration of the user namespace puts AMQ Online in an inconsistent state, where the AMQ Online components do not operate properly, such as the failure of provisioning and the failure of creating addresses, though this does not impact upon already existing messaging clients or brokers.
redhat/ansible_engine Vulnerability Summary
Vendor name: redhat
Product name: ansible_engine
Total vulnerabilities: 26 (as of 2023-05-04)
redhat/ansible_engine Vulnerability List
CVE-2021-3583: A flaw was found in Ansible, where a user’s controller is vulnerable to template injection. This…
Published: 2021-09-22T12:15:00
Last Modified: 2021-10-05T16:12:00
Summary
A flaw was found in Ansible, where a user’s controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters.
redhat/ansible_tower Vulnerability Summary
Vendor name: redhat
Product name: ansible_tower
Total vulnerabilities: 65 (as of 2023-05-04)
redhat/ansible_tower Vulnerability List
CVE-2021-3583: A flaw was found in Ansible, where a user’s controller is vulnerable to template injection. This…
Published: 2021-09-22T12:15:00
Last Modified: 2021-10-05T16:12:00
Summary
A flaw was found in Ansible, where a user’s controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters.
redhat/ansible Vulnerability Summary
Vendor name: redhat
Product name: ansible
Total vulnerabilities: 105 (as of 2023-05-04)
redhat/ansible Vulnerability List
CVE-2021-3583: A flaw was found in Ansible, where a user’s controller is vulnerable to template injection. This…
Published: 2021-09-22T12:15:00
Last Modified: 2021-10-05T16:12:00
Summary
A flaw was found in Ansible, where a user’s controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters.
redhat/enterprise_linux Vulnerability Summary
Vendor name: redhat
Product name: enterprise_linux
Total vulnerabilities: 2390 (as of 2023-05-04)
redhat/enterprise_linux Vulnerability List
CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in…
Published: 2022-02-04T23:15:00
Last Modified: 2022-02-09T20:00:00
Summary
A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.
redhat/etcd Vulnerability Summary
Vendor name: redhat
Product name: etcd
Total vulnerabilities: 6 (as of 2023-05-04)
redhat/etcd Vulnerability List
CVE-2020-15114: In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for…
Published: 2020-08-06T23:15:00
Last Modified: 2021-11-18T18:31:00
Summary
In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access. However, it is possible to include the gateway address as an endpoint.
redhat/fedora_core Vulnerability Summary
Vendor name: redhat
Product name: fedora_core
Total vulnerabilities: 83 (as of 2023-05-04)
redhat/fedora_core Vulnerability List
CVE-2008-2944: Double free vulnerability in the utrace support in the Linux kernel, probably 2.6.18, in Red Hat…
Published: 2008-06-30T21:41:00
Last Modified: 2022-02-07T19:50:00
Summary
Double free vulnerability in the utrace support in the Linux kernel, probably 2.6.18, in Red Hat Enterprise Linux (RHEL) 5 and Fedora Core 6 (FC6) allows local users to cause a denial of service (oops), as demonstrated by a crash when running the GNU GDB testsuite, a different vulnerability than CVE-2008-2365.
redhat/fedora Vulnerability Summary
Vendor name: redhat
Product name: fedora
Total vulnerabilities: 526 (as of 2023-05-04)
redhat/fedora Vulnerability List
CVE-2021-45417: AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such…
Published: 2022-01-20T18:15:00
Last Modified: 2022-01-26T19:49:00
Summary
AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.
Common Weakness Enumeration (CWE): CWE-787: Out-of-bounds Write
CWE Description: The software writes data past the end, or before the beginning, of the intended buffer.
redhat/openssl Vulnerability Summary
Vendor name: redhat
Product name: openssl
Total vulnerabilities: 28 (as of 2023-05-04)
redhat/openssl Vulnerability List
CVE-2018-16395: An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x…
Published: 2018-11-16T18:29:00
Last Modified: 2019-10-03T00:03:00
Summary
An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true.
redhat/analog_real-time_synthesizer Vulnerability Summary
Vendor name: redhat
Product name: analog_real-time_synthesizer
Total vulnerabilities: 1 (as of 2023-04-30)
redhat/analog_real-time_synthesizer Vulnerability List
CVE-2003-0459: KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of…
Published: 2003-08-27T04:00:00
Last Modified: 2017-10-11T01:29:00
Summary
KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the “user:password@host” form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.
redhat/fedora_8 Vulnerability Summary
Vendor name: redhat
Product name: fedora_8
Total vulnerabilities: 1 (as of 2023-04-30)
redhat/fedora_8 Vulnerability List
CVE-2008-2359: The default configuration of consolehelper in system-config-network before 1.5.10-1 on Fedora 8…
Published: 2008-06-02T21:30:00
Last Modified: 2017-08-08T01:30:00
Summary
The default configuration of consolehelper in system-config-network before 1.5.10-1 on Fedora 8 lacks the USER=root directive, which allows local users of the workstation console to gain privileges and change the network configuration.
Common Weakness Enumeration (CWE): CWE-16