|
200041
|
5.3 |
MEDIUM
Local
|
redhat
|
satellite
|
A flaw was found in Red Hat Satellite. The BMC interface exposes the password through the API to an authenticated local attacker with view_hosts permission. The highest threat from this vulnerability…
|
-
|
CVE-2021-20256
|
2024-11-21 14:46 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200042
|
6.5 |
MEDIUM
Network
|
redhat
|
3scale_api_management
|
A flaw was found in Red Hat 3scale API Management Platform 2. The 3scale backend does not perform preventive handling on user-requested date ranges in certain queries allowing a malicious authenticat…
|
-
|
CVE-2021-20252
|
2024-11-21 14:46 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200043
|
7.8 |
HIGH
Local
|
linux
redhat
|
linux_kernel
enterprise_linux
openshift_container_platform
|
There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARD…
|
-
|
CVE-2021-20194
|
2024-11-21 14:46 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200044
|
8.8 |
HIGH
Network
|
redhat
|
openshift_container_platform
|
A privilege escalation flaw was found in openshift4/ose-docker-builder. The build container runs with high privileges using a chrooted environment instead of runc. If an attacker can gain access to t…
|
-
|
CVE-2021-20182
|
2024-11-21 14:46 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200045
|
7.4 |
HIGH
Network
|
mbsync_project
debian
fedoraproject
|
mbsync
debian_linux
fedora
extra_packages_for_enterprise_linux
|
A flaw was found in mbsync before v1.3.5 and v1.4.1. Validations of the mailbox names returned by IMAP LIST/LSUB do not occur allowing a malicious or compromised server to use specially crafted mailb…
|
CWE-22
Path Traversal
|
CVE-2021-20247
|
2024-11-21 14:46 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200046
|
4.3 |
MEDIUM
Network
|
postgresql
redhat
fedoraproject
|
postgresql
enterprise_linux
software_collections
fedora
|
A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns of the table. The highest threat …
|
-
|
CVE-2021-20229
|
2024-11-21 14:46 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200047
|
4.8 |
MEDIUM
Network
|
redhat
netapp
|
undertow
oncommand_workflow_automation
active_iq_unified_manager
|
A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid c…
|
CWE-444
HTTP Request Smuggling
|
CVE-2021-20220
|
2024-11-21 14:46 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200048
|
8.1 |
HIGH
Network
|
redhat
|
openshift_installer
|
A flaw was found in the OpenShift Installer before version v0.9.0-master.0.20210125200451-95101da940b0. During installation of OpenShift Container Platform 4 clusters, bootstrap nodes are provisioned…
|
-
|
CVE-2021-20198
|
2024-11-21 14:46 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200049
|
7.5 |
HIGH
Network
|
stunnel
|
stunnel
|
A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a cert…
|
-
|
CVE-2021-20230
|
2024-11-21 14:46 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200050
|
7.8 |
HIGH
Local
|
linux
netapp
|
linux_kernel
cloud_backup
|
A use-after-free flaw was found in the io_uring in Linux kernel, where a local attacker with a user privilege could cause a denial of service problem on the system The issue results from the lack of …
|
-
|
CVE-2021-20226
|
2024-11-21 14:46 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
