Export limit exceeded: 76240 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (76240 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-20218 | 1 Redhat | 16 A-mq Online, Amq Online, Build Of Quarkus and 13 more | 2024-11-21 | 7.4 High |
| A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client `copy` command to extract files outside the working path. The highest threat from this vulnerability is to integrity and system availability. This has been fixed in kubernetes-client-4.13.2 kubernetes-client-5.0.2 kubernetes-client-4.11.2 kubernetes-client-4.7.2 | ||||
| CVE-2021-20217 | 1 Privoxy | 1 Privoxy | 2024-11-21 | 7.5 High |
| A flaw was found in Privoxy in versions before 3.0.31. An assertion failure triggered by a crafted CGI request may lead to denial of service. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-20216 | 1 Privoxy | 1 Privoxy | 2024-11-21 | 7.5 High |
| A flaw was found in Privoxy in versions before 3.0.31. A memory leak that occurs when decompression fails unexpectedly may lead to a denial of service. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-20215 | 1 Privoxy | 1 Privoxy | 2024-11-21 | 7.5 High |
| A flaw was found in Privoxy in versions before 3.0.29. Memory leaks in the show-status CGI handler when memory allocations fail can lead to a system crash. | ||||
| CVE-2021-20214 | 1 Privoxy | 1 Privoxy | 2024-11-21 | 7.5 High |
| A flaw was found in Privoxy in versions before 3.0.29. Memory leaks in the client-tags CGI handler when client tags are configured and memory allocations fail can lead to a system crash. | ||||
| CVE-2021-20213 | 1 Privoxy | 1 Privoxy | 2024-11-21 | 7.5 High |
| A flaw was found in Privoxy in versions before 3.0.29. Dereference of a NULL-pointer that could result in a crash if accept-intercepted-requests was enabled, Privoxy failed to get the request destination from the Host header and a memory allocation failed. | ||||
| CVE-2021-20212 | 1 Privoxy | 1 Privoxy | 2024-11-21 | 7.5 High |
| A flaw was found in Privoxy in versions before 3.0.29. Memory leak if multiple filters are executed and the last one is skipped due to a pcre error leading to a system crash. | ||||
| CVE-2021-20211 | 1 Privoxy | 1 Privoxy | 2024-11-21 | 7.5 High |
| A flaw was found in Privoxy in versions before 3.0.29. Memory leak when client tags are active can cause a system crash. | ||||
| CVE-2021-20210 | 1 Privoxy | 1 Privoxy | 2024-11-21 | 7.5 High |
| A flaw was found in Privoxy in versions before 3.0.29. Memory leak in the show-status CGI handler when no filter files are configured can lead to a system crash. | ||||
| CVE-2021-20209 | 1 Privoxy | 1 Privoxy | 2024-11-21 | 7.5 High |
| A memory leak vulnerability was found in Privoxy before 3.0.29 in the show-status CGI handler when no action files are configured. | ||||
| CVE-2021-20206 | 2 Linuxfoundation, Redhat | 3 Container Network Interface, Container Native Virtualization, Openshift | 2024-11-21 | 7.2 High |
| An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the system. This flaw allows an attacker to execute other existing binaries other than the cni plugins/types, such as 'reboot'. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | ||||
| CVE-2021-20202 | 1 Redhat | 1 Keycloak | 2024-11-21 | 7.3 High |
| A flaw was found in keycloak. Directories can be created prior to the Java process creating them in the temporary directory, but with wider user permissions, allowing the attacker to have access to the contents that keycloak stores in this directory. The highest threat from this vulnerability is to data confidentiality and integrity. | ||||
| CVE-2021-20198 | 1 Redhat | 2 Openshift, Openshift Installer | 2024-11-21 | 8.1 High |
| A flaw was found in the OpenShift Installer before version v0.9.0-master.0.20210125200451-95101da940b0. During installation of OpenShift Container Platform 4 clusters, bootstrap nodes are provisioned with anonymous authentication enabled on kubelet port 10250. A remote attacker able to reach this port during installation can make unauthenticated `/exec` requests to execute arbitrary commands within running containers. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | ||||
| CVE-2021-20194 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Openshift Container Platform | 2024-11-21 | 7.8 High |
| There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BPF execution, the local user can trigger bug in __cgroup_bpf_run_filter_getsockopt() function that can lead to heap overflow (because of non-hardened usercopy). The impact of attack could be deny of service or possibly privileges escalation. | ||||
| CVE-2021-20188 | 2 Podman Project, Redhat | 5 Podman, Enterprise Linux, Openshift Container Platform and 2 more | 2024-11-21 | 7.0 High |
| A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correctly checked. This flaw can be abused by a low-privileged user inside the container to access any other file in the container, even if owned by the root user inside the container. It does not allow to directly escape the container, though being a privileged container means that a lot of security features are disabled when running the container. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | ||||
| CVE-2021-20187 | 1 Moodle | 1 Moodle | 2024-11-21 | 7.2 High |
| It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentication. | ||||
| CVE-2021-20182 | 1 Redhat | 2 Openshift, Openshift Container Platform | 2024-11-21 | 8.8 High |
| A privilege escalation flaw was found in openshift4/ose-docker-builder. The build container runs with high privileges using a chrooted environment instead of runc. If an attacker can gain access to this build container, they can potentially utilize the raw devices of the underlying node, such as the network and storage devices, to at least escalate their privileges to that of the cluster admin. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | ||||
| CVE-2021-20181 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-11-21 | 7.5 High |
| A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. This flaw allows a malicious 9p client to cause a use-after-free error, potentially escalating their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity as well as system availability. | ||||
| CVE-2021-20179 | 3 Dogtagpki, Fedoraproject, Redhat | 5 Dogtagpki, Fedora, Certificate System and 2 more | 2024-11-21 | 8.1 High |
| A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity. | ||||
| CVE-2021-20175 | 1 Netgear | 2 R6700, R6700 Firmware | 2024-11-21 | 7.5 High |
| Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the SOAP interface. By default, all communication to/from the device's SOAP Interface (port 5000) is sent via HTTP, which causes potentially sensitive information (such as usernames and passwords) to be transmitted in cleartext | ||||