Vulnerabilities in [UNKNOWN]
240 resultsCVE-2018-10885MEDIUMIn atomic-openshift before version 3.10.9 a malicious network-policy configuration can cause Openshift Routing to crash when using ovs-netwoEPSS 1.6%CVE-2017-2602LOWjenkins before versions 2.44, 2.32.2 is vulnerable to an improper blacklisting of the Pipeline metadata files in the agent-to-master securitEPSS 1.6%CVE-2017-2612MEDIUMIn Jenkins before versions 2.44, 2.32.2 low privilege users were able to override JDK download credentials (SECURITY-392), resulting in futuEPSS 1.6%CVE-2018-10850MEDIUM389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race condition in the way 389-ds-base handles persistent search, resulting EPSS 1.6%CVE-2017-2638MEDIUMIt was found that the REST API in Infinispan before version 9.0.0 did not properly enforce auth constraints. An attacker could use this vulnEPSS 1.6%CVE-2018-10857MEDIUMgit-annex is vulnerable to a private data exposure and exfiltration attack. It could expose the content of files located outside the git-annEPSS 1.5%CVE-2019-14857MEDIUMA flaw was found in mod_auth_openidc before version 2.4.0.1. An open redirect issue exists in URLs with trailing slashes similar to CVE-2019EPSS 1.5%CVE-2016-6328MEDIUMA vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-ServEPSS 1.5%CVE-2020-1760MEDIUMA flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw could lead to potenEPSS 1.5%CVE-2019-14902MEDIUMThere is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4EPSS 1.5%CVE-2018-16849LOWA flaw was found in openstack-mistral. By manipulating the SSH private key filename, the std.ssh action can be used to disclose the presenceEPSS 1.5%CVE-2018-10852LOWThe UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone EPSS 1.5%CVE-2018-1080HIGHDogtag PKI, through version 10.6.1, has a vulnerability in AAclAuthz.java that, under certain configurations, causes the application of ACL EPSS 1.5%CVE-2017-2610MEDIUMjenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting in search suggestions due to improperly escaping userEPSS 1.5%CVE-2017-2659MEDIUMIt was found that dropbear before version 2013.59 with GSSAPI leaks whether given username is valid or invalid. When an invalid username is EPSS 1.5%CVE-2018-16869MEDIUMA Bleichenbacher type side-channel based padding oracle attack was found in the way nettle handles endian conversion of RSA decrypted PKCS#1EPSS 1.5%CVE-2018-16884MEDIUMA flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_EPSS 1.5%CVE-2018-1117MEDIUMovirt-ansible-roles before version 1.0.6 has a vulnerability due to a missing no_log directive, resulting in the 'Add oVirt Provider to ManaEPSS 1.4%CVE-2018-10906MEDIUMIn fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows nonEPSS 1.4%CVE-2018-1046HIGHpdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. In the dnsreplay tool provided with PowerDNS Authoritative, replaEPSS 1.4%