Filter
AND
AND

Redhat Openshift Container PlatformGraphql: information disclosure via graphql introspection in openshift

First published (updated )

Redhat Openshift Container PlatformOpenshift-console: unauthenticated installation of helm charts

EPSS
0.05%
First published (updated )

FreeBSD FreeBSDOpenSSH regreSSHion Attack (CVE-2024-6387)

8.1
EPSS
71.47%
First published (updated )

Redhat Openshift Container PlatformCri-o: malicious container can create symlink on host

8.1
EPSS
0.04%
First published (updated )

CVE-2024-5037Openshift/telemeter: iss check during jwt authentication can be bypassed

7.5
EPSS
0.07%
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Redhat Enterprise LinuxPodman: kernel: containers in shared ipc namespace are vulnerable to denial of service attack

7.7
First published (updated )

Redhat Openstack PlatformImpact of Terrapin SSH Attack (Severity: MEDIUM)

First published (updated )

Apache Tomcat- Rapid Reset HTTP/2 vulnerability

First published (updated )

Ovn Open Virtual NetworkService monitor mac flow is not rate limited

First published (updated )

ubuntu/docker-registryInput Validation

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Redhat Enterprise LinuxLast updated 24 July 2024

First published (updated )

Redhat Openshift OsinOpenShift OSIN CheckClientSecret timing discrepancy

First published (updated )

Redhat Openshift Container PlatformContent spoofing

First published (updated )

Cloudbase Open VswitchA flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will instal…

8.2
First published (updated )

Redhat Enterprise LinuxAn incorrect handling of the supplementary groups in the Podman container engine might lead to the s…

7.1
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Redhat Enterprise LinuxAn incorrect handling of the supplementary groups in the Buildah container engine might lead to the …

7.1
First published (updated )

redhat/dpdkA permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to c…

8.6
First published (updated )

redhat/cri-oA vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyon…

7.8
First published (updated )

Fedoraproject FedoraA vulnerability was found in Ignition, where ignition configs are accessible from unprivileged conta…

7.5
First published (updated )

Fedoraproject FedoraAn Improper Certificate Validation attack was found in Openshift. A re-encrypt Route with destinatio…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Redhat Advanced Cluster Management For KubernetesOpenshift api admission checks does not enforce "custom-host" permissions

7.5
First published (updated )

Crun Project CrunA flaw was found in crun where containers were incorrectly started with non-empty default permission…

7.5
First published (updated )

redhat/cri-oA flaw was found in cri-o, where containers were incorrectly started with non-empty default permissi…

First published (updated )

Fedoraproject FedoraA flaw was found in Podman, where containers were started incorrectly with non-empty default permiss…

7.5
First published (updated )

Openstack Oslo.utilsmask_passwords doesn't mask characters following a " so if a user has a password containing a " in t…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Dpdk Data Plane Development KitA flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected num…

First published (updated )

redhat/haproxyA flaw was found in haproxy. Anybody who can add a "set-cookie2 X=Y" header into the return path fro…

7.5
First published (updated )

redhat/cri-oAn incorrect sysctls validation vulnerability was found in CRI-O. The sysctls from the list of "safe…

First published (updated )

ubuntu/openvswitchOpenvswitch don't match packets on nd_target field

7.1
First published (updated )

redhat/podmanA privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious…

8.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Redhat Noobaa-operatorXSS

7.1
First published (updated )

GNOME NetworkManagerInput Validation

First published (updated )

Fedoraproject FedoraThe decompression functionality of github.com/containers/storage in all versions starting from v1.23…

7.1
First published (updated )

Redhat Openshift Container PlatformWhen running OpenShift with Red Hat supported network types, applications in the cluster are blocked…

First published (updated )

redhat/openvswitchA flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memor…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

redhat/grafanaA signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypas…

First published (updated )

ubuntu/pygmentsAn infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when pe…

7.5
First published (updated )

redhat/elasticsearch-operator-containerThe elasticsearch-operator does not validate the namespace where kibana logging resource is created …

First published (updated )

Redhat CephUser credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila. An Op…

7.1
First published (updated )

redhat/cephLast updated 24 July 2024

8.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

redhat/grub2GRUB2 contained integer overflows when handling the initrd command, leading to a heap-based buffer overflow.

First published (updated )

redhat/grub2GRUB2 contains a race condition leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing.

First published (updated )

redhat/grub2GRUB2: avoid loading unsigned kernels when GRUB is booted directly under secureboot without shim

First published (updated )

Redhat Openshift Container PlatformCVE-2020-10752

7.5
First published (updated )

redhat/heketiWhile requesting a new block volume creation, at Heketi we dump the sensitive gluster-block volumes …

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

redhat/kibanaCode Injection

7.2
First published (updated )

redhat/containernetworking-pluginsCNI network plugins create network bridges that IPv6 router advertisements by default. An attacker a…

First published (updated )

ubuntu/haproxyIn hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a r…

8.8
First published (updated )

Systemd Project SystemdUse After Free

7.8
First published (updated )

Redhat Openshift Container PlatformAn insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/p…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203