ReportizFlow
Filtered by vendor Redhat
Subscriptions
Filtered by product Rhev Hypervisor
Subscriptions
Total
329 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-33910 | 5 Debian, Fedoraproject, Netapp and 2 more | 8 Debian Linux, Fedora, Hci Management Node and 5 more | 2024-11-21 | 5.5 Medium |
| basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash. | ||||
| CVE-2021-33909 | 7 Debian, Fedoraproject, Linux and 4 more | 16 Debian Linux, Fedora, Linux Kernel and 13 more | 2024-11-21 | 7.8 High |
| fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. | ||||
| CVE-2021-33656 | 4 Debian, Huawei, Linux and 1 more | 6 Debian Linux, Openeuler, Linux Kernel and 3 more | 2024-11-21 | 6.8 Medium |
| When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds. | ||||
| CVE-2021-33655 | 3 Debian, Linux, Redhat | 5 Debian Linux, Linux Kernel, Enterprise Linux and 2 more | 2024-11-21 | 6.7 Medium |
| When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds. | ||||
| CVE-2021-33631 | 2 Huawei, Redhat | 5 Openeuler, Enterprise Linux, Logging and 2 more | 2024-11-21 | 5.5 Medium |
| Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0. | ||||
| CVE-2021-33034 | 4 Debian, Fedoraproject, Linux and 1 more | 11 Debian Linux, Fedora, Linux Kernel and 8 more | 2024-11-21 | 7.8 High |
| In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value. | ||||
| CVE-2021-32399 | 4 Debian, Linux, Netapp and 1 more | 27 Debian Linux, Linux Kernel, Cloud Backup and 24 more | 2024-11-21 | 7.0 High |
| net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. | ||||
| CVE-2021-30483 | 2 Isomorphic-git, Redhat | 3 Isomorphic-git, Rhev Hypervisor, Rhev Manager | 2024-11-21 | 5.3 Medium |
| isomorphic-git before 1.8.2 allows Directory Traversal via a crafted repository. | ||||
| CVE-2021-30002 | 3 Debian, Linux, Redhat | 5 Debian Linux, Linux Kernel, Enterprise Linux and 2 more | 2024-11-21 | 6.2 Medium |
| An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b. | ||||
| CVE-2021-27219 | 6 Broadcom, Debian, Fedoraproject and 3 more | 15 Brocade Fabric Operating System Firmware, Debian Linux, Fedora and 12 more | 2024-11-21 | 7.5 High |
| An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption. | ||||
| CVE-2021-26341 | 2 Amd, Redhat | 255 A10-9600p, A10-9600p Firmware, A10-9630p and 252 more | 2024-11-21 | 6.5 Medium |
| Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. | ||||
| CVE-2021-23337 | 5 Lodash, Netapp, Oracle and 2 more | 29 Lodash, Active Iq Unified Manager, Cloud Manager and 26 more | 2024-11-21 | 7.2 High |
| Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function. | ||||
| CVE-2021-22555 | 4 Brocade, Linux, Netapp and 1 more | 27 Fabric Operating System, Linux Kernel, Aff 500f and 24 more | 2024-11-21 | 8.3 High |
| A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space | ||||
| CVE-2021-22543 | 5 Debian, Fedoraproject, Linux and 2 more | 29 Debian Linux, Fedora, Linux Kernel and 26 more | 2024-11-21 | 7.8 High |
| An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation. | ||||
| CVE-2021-20228 | 2 Debian, Redhat | 6 Debian Linux, Ansible Automation Platform, Ansible Engine and 3 more | 2024-11-21 | 7.5 High |
| A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality. | ||||
| CVE-2021-20191 | 2 Oracle, Redhat | 12 Virtualization, Ansible, Ansible Automation Platform and 9 more | 2024-11-21 | 5.5 Medium |
| A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected. | ||||
| CVE-2021-20180 | 1 Redhat | 5 Ansible, Ansible Automation Platform, Ansible Engine and 2 more | 2024-11-21 | 5.5 Medium |
| A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality. | ||||
| CVE-2021-20178 | 2 Fedoraproject, Redhat | 7 Fedora, Ansible, Ansible Automation Platform and 4 more | 2024-11-21 | 5.5 Medium |
| A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality. | ||||
| CVE-2021-0920 | 3 Debian, Google, Redhat | 10 Debian Linux, Android, Enterprise Linux and 7 more | 2024-11-21 | 6.4 Medium |
| In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel | ||||
| CVE-2021-0512 | 2 Google, Redhat | 4 Android, Enterprise Linux, Rhel Eus and 1 more | 2024-11-21 | 7.8 High |
| In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel | ||||