Export limit exceeded: 23293 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23293 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-7348 | 2 Postgresql, Redhat | 7 Postgresql, Enterprise Linux, Rhel Aus and 4 more | 2024-11-21 | 8.8 High |
| Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected. | ||||
| CVE-2024-6104 | 2 Hashicorp, Redhat | 13 Retryablehttp, Advanced Cluster Security, Ceph Storage and 10 more | 2024-11-21 | 6 Medium |
| go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7. | ||||
| CVE-2024-5891 | 1 Redhat | 1 Quay | 2024-11-21 | 4.2 Medium |
| A vulnerability was found in Quay. If an attacker can obtain the client ID for an application, they can use an OAuth token to authenticate despite not having access to the organization from which the application was created. This issue is limited to authentication and not authorization. However, in configurations where endpoints rely only on authentication, a user may authenticate to applications they otherwise have no access to. | ||||
| CVE-2024-5321 | 1 Redhat | 1 Openshift | 2024-11-21 | 6.1 Medium |
| A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs. | ||||
| CVE-2024-51127 | 1 Redhat | 2 Hornetq, Jboss Enterprise Application Platform | 2024-11-21 | 9.1 Critical |
| An issue in the createTempFile method of hornetq v2.4.9 allows attackers to arbitrarily overwrite files or access sensitive information. | ||||
| CVE-2024-4603 | 2 Openssl, Redhat | 2 Openssl, Enterprise Linux | 2024-11-21 | 5.3 Medium |
| Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param_check() or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform various checks on DSA parameters. Some of those computations take a long time if the modulus (`p` parameter) is too large. Trying to use a very large modulus is slow and OpenSSL will not allow using public keys with a modulus which is over 10,000 bits in length for signature verification. However the key and parameter check functions do not limit the modulus size when performing the checks. An application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. These functions are not called by OpenSSL itself on untrusted DSA keys so only applications that directly call these functions may be vulnerable. Also vulnerable are the OpenSSL pkey and pkeyparam command line applications when using the `-check` option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue. | ||||
| CVE-2024-49769 | 3 Agendaless, Pylons, Redhat | 4 Waitress, Waitress, Openshift Ironic and 1 more | 2024-11-21 | 7.5 High |
| Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername() waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer exists, but not removing it from the list of sockets to attempt to process. This leads to a busy-loop calling the write function. A remote attacker could run waitress out of available sockets with very little resources required. Waitress 3.0.1 contains fixes that remove the race condition. | ||||
| CVE-2024-47561 | 2 Apache, Redhat | 8 Avro, Apache Camel Spring Boot, Apicurio Registry and 5 more | 2024-11-21 | 7.3 High |
| Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute arbitrary code. Users are recommended to upgrade to version 1.11.4 or 1.12.0, which fix this issue. | ||||
| CVE-2024-47211 | 1 Redhat | 2 Openshift, Openstack | 2024-11-21 | 5.3 Medium |
| In OpenStack Ironic before 21.4.4, 22.x and 23.x before 23.0.3, 23.x and 24.x before 24.1.3, and 25.x and 26.x before 26.1.0, there is a lack of checksum validation of supplied image_source URLs when configured to convert images to a raw format for streaming. | ||||
| CVE-2024-41184 | 2 Acassen, Redhat | 3 Keepalived, Ceph Storage, Enterprise Linux | 2024-11-21 | 9.8 Critical |
| In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through 2.3.1, an integer overflow can occur. NOTE: this CVE Record might not be worthwhile because an empty ipset name must be configured by the user. | ||||
| CVE-2024-41172 | 2 Apache, Redhat | 3 Cxf, Camel Quarkus, Jboss Enterprise Application Platform | 2024-11-21 | 7.5 High |
| In versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and lower versions are not impacted), a CXF HTTP client conduit may prevent HTTPClient instances from being garbage collected and it is possible that memory consumption will continue to increase, eventually causing the application to run out of memory | ||||
| CVE-2024-40898 | 3 Apache, Microsoft, Redhat | 3 Http Server, Windows, Jboss Core Services | 2024-11-21 | 7.5 High |
| SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue. | ||||
| CVE-2024-40094 | 1 Redhat | 3 Cryostat, Openshift Serverless, Quarkus | 2024-11-21 | 5.3 Medium |
| GraphQL Java (aka graphql-java) before 21.5 does not properly consider ExecutableNormalizedFields (ENFs) as part of preventing denial of service via introspection queries. 20.9 and 19.11 are also fixed versions. | ||||
| CVE-2024-3177 | 1 Redhat | 1 Openshift | 2024-11-21 | 2.7 Low |
| A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with containers, init containers, and ephemeral containers with the envFrom field populated. | ||||
| CVE-2024-39249 | 1 Redhat | 4 Advanced Cluster Security, Openshift Data Foundation, Rhdh and 1 more | 2024-11-21 | 7.5 High |
| Async <= 2.6.4 and <= 3.2.5 are vulnerable to ReDoS (Regular Expression Denial of Service) while parsing function in autoinject function. NOTE: this is disputed by the supplier because there is no realistic threat model: regular expressions are not used with untrusted input. | ||||
| CVE-2024-39008 | 2 Redhat, Robinweser | 2 Rhdh, Fast-loops | 2024-11-21 | 10 Critical |
| robinweser fast-loops v1.1.3 was discovered to contain a prototype pollution via the function objectMergeDeep. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. | ||||
| CVE-2024-38809 | 2 Redhat, Vmware | 2 Apache Camel Spring Boot, Spring Framework | 2024-11-21 | 5.3 Medium |
| Applications that parse ETags from "If-Match" or "If-None-Match" request headers are vulnerable to DoS attack. Users of affected versions should upgrade to the corresponding fixed version. Users of older, unsupported versions could enforce a size limit on "If-Match" and "If-None-Match" headers, e.g. through a Filter. | ||||
| CVE-2024-37890 | 2 Redhat, Websockets | 3 Openshift Data Foundation, Rhdh, Ws | 2024-11-21 | 7.5 High |
| ws is an open source WebSocket client and server for Node.js. A request with a number of headers exceeding theserver.maxHeadersCount threshold could be used to crash a ws server. The vulnerability was fixed in ws@8.17.1 (e55e510) and backported to ws@7.5.10 (22c2876), ws@6.2.3 (eeb76d3), and ws@5.2.4 (4abd8f6). In vulnerable versions of ws, the issue can be mitigated in the following ways: 1. Reduce the maximum allowed length of the request headers using the --max-http-header-size=size and/or the maxHeaderSize options so that no more headers than the server.maxHeadersCount limit can be sent. 2. Set server.maxHeadersCount to 0 so that no limit is applied. | ||||
| CVE-2024-37298 | 2 Gorillatoolkit, Redhat | 6 Schema, Advanced Cluster Security, Enterprise Linux and 3 more | 2024-11-21 | 7.5 High |
| gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running `schema.Decoder.Decode()` on a struct that has a field of type `[]struct{...}` opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of `schema.Decoder.Decode()` on a struct with arrays of other structs could be vulnerable to this memory exhaustion vulnerability. Version 1.4.1 contains a patch for the issue. | ||||
| CVE-2024-36129 | 2 Opentelemetry, Redhat | 5 Configgrpc, Confighttp, Opentelemetry and 2 more | 2024-11-21 | 8.2 High |
| The OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data. An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption. OTel Collector version 0.102.1 fixes this issue. It is also fixed in the confighttp module version 0.102.0 and configgrpc module version 0.102.1. | ||||