redhat

5,768 tracked vulnerabilities.

CVE-2017-12196 MEDIUM
undertow <1.4.18.SP1-2.0.2.Final - SSRF
Apr 18, 2018
CVSS 4.8
EPSS 0.02
CVE-2017-7534 MEDIUM
OpenShift Enterprise 3.x - Stored Cross-Site Scripting via Pod Log Viewer
Apr 11, 2018
CVSS 5.4
EPSS 0.01
CVE-2017-7000 HIGH
iPhone OS < 10.3.2 and macOS < 10.12.5 - Remote Code Execution via SQLite Memory Corruption
Apr 03, 2018
CVSS 8.8
EPSS 0.03
CVE-2017-15715 HIGH NUCLEI
Apache httpd <=2.4.29 - Arbitrary File Upload
Mar 26, 2018
CVSS 8.1
EPSS 0.86
CVE-2017-15710 HIGH
Apache HTTP Server 2.0.23-2.0.65, 2.2.0-2.2.34, 2.4.0-2.4.29 - Out-of-bounds Write in mod_authnz_ldap
Mar 26, 2018
CVSS 7.5
EPSS 0.18
CVE-2017-2667 HIGH
Hammer CLI < 0.10.0 - Improper Certificate Validation
Mar 12, 2018
CVSS 8.1
EPSS 0.01
CVE-2017-2619 HIGH
Samba < 4.4.12 - Symlink Race Condition
Mar 12, 2018
CVSS 7.5
EPSS 0.11
CVE-2017-2585 MEDIUM
Red Hat Keycloak < 2.5.1 - Timing Attack via Non-Constant Time HMAC Verification
Mar 12, 2018
CVSS 5.9
EPSS 0.02
CVE-2017-12174 HIGH
Apache ActiveMQ Artemis and HornetQ < 2.4.0 - Uncontrolled Resource Consumption via UDP Discovery
Mar 07, 2018
CVSS 7.5
EPSS 0.06
CVE-2017-15134 HIGH
389 Directory Server 1.3.6.1-1.3.6.12, 1.3.7.1-1.3.7.8, 1.4.0-1.4.0.4 - DoS via LDAP Search Filter
Mar 01, 2018
CVSS 7.5
EPSS 0.04
CVE-2017-12191 HIGH
Red Hat CloudForms - Improper Access Control via VMware Shared Account
Feb 28, 2018
CVSS 7.4
EPSS 0.01
CVE-2017-15136 LOW
Red Hat Satellite 6 - Denial of Service via Hostname Reset
Feb 27, 2018
CVSS 2.7
EPSS 0.01
CVE-2017-18191 HIGH
OpenStack Nova 15.0.0-15.1.0 and 16.0.0-16.1.1 - Denial of Service via Encrypted Volume Detach/Reattach
Feb 19, 2018
CVSS 7.5
EPSS 0.04
CVE-2017-10690 MEDIUM
Puppet Agent < 5.3.4 and Puppet Enterprise < 2017.3.4 - Improper Privilege Management
Feb 09, 2018
CVSS 6.5
EPSS 0.01
CVE-2017-10689 MEDIUM
Puppet < 5.3.4 and Puppet Enterprise < 2016.4.10 - Improper Privilege Management
Feb 09, 2018
CVSS 5.5
EPSS 0.00
CVE-2017-7525 CRITICAL
jackson-databind <2.6.7.1, <2.7.9.1, <2.8.9 - Code Injection
Feb 06, 2018
CVSS 9.8
EPSS 0.38
CVE-2017-15095 CRITICAL
jackson-databind <2.8.10, 2.9.1 - Code Injection
Feb 06, 2018
CVSS 9.8
EPSS 0.08
CVE-2017-12197 MEDIUM
libpam4j <= 1.8 - Authentication Bypass via Disabled Account Validation
Jan 18, 2018
CVSS 6.5
EPSS 0.02
CVE-2017-15128 MEDIUM
Linux Kernel < 4.13.12 - Denial of Service via hugetlb_mcopy_atomic_pte Size Check
Jan 14, 2018
CVSS 5.5
EPSS 0.00
CVE-2017-15127 MEDIUM
Linux Kernel < 4.13 - Denial of Service via Implicit Page Unlock in hugetlb_mcopy_atomic_pte
Jan 14, 2018
CVSS 5.5
EPSS 0.00
CVE-2017-12189 HIGH
Red Hat JBoss EAP 7.0.7.GA - Local Privilege Escalation via Init Script
Jan 10, 2018
CVSS 7.8
EPSS 0.00
CVE-2017-17485 CRITICAL
jackson-databind < 2.6.7.3, 2.9.0-2.9.3 - Unauthenticated Remote Code Execution via Malicious JSON Input
Jan 10, 2018
CVSS 9.8
EPSS 0.50
CVE-2017-7559 MEDIUM
Undertow <2.0.0.Alpha2,<1.4.17.Final,<1.3.31.Final - SSRF
Jan 10, 2018
CVSS 6.1
EPSS 0.02
CVE-2017-7536 HIGH
Hibernate Validator <5.2.5-5.4.x - Privilege Escalation
Jan 10, 2018
CVSS 7.0
EPSS 0.00
CVE-2017-15131 HIGH
xdg-user-dirs < 0.15.5 - Improper Access Control via Umask Policy Bypass
Jan 09, 2018
CVSS 7.8
EPSS 0.00