threat
engine
.sh
Back
·
··:··
Home
/
Product
/
redhat storage
Product
redhat storage
32 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2023-48795
all versions
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attacker
5.9
MEDIUM
CVE-2023-42669
all versions
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack ele
6.5
MEDIUM
CVE-2023-3961
all versions
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within
9.1
CRITICAL
CVE-2023-4091
all versions
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when
6.5
MEDIUM
CVE-2023-3347
all versions
A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured
5.9
MEDIUM
CVE-2023-34968
all versions
A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute pa
5.3
MEDIUM
CVE-2022-2447
all versions
A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a
6.6
MEDIUM
CVE-2021-3670
all versions
MaxQueryDuration not honoured in Samba AD DC LDAP
6.5
MEDIUM
CVE-2022-26148
all versions
An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password can be found in the api_jsonrpc
9.8
CRITICAL
CVE-2021-44141
all versions
All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or direct
4.3
MEDIUM
CVE-2021-20291
< 1.28.1
A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is process
6.5
MEDIUM
CVE-2020-14318
all versions
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access
4.3
MEDIUM
CVE-2020-10730
all versions
A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4
6.5
MEDIUM
CVE-2020-10685
all versions
A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before
5.0
MEDIUM
CVE-2019-14907
all versions
All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log
6.5
MEDIUM
CVE-2013-4280
all versions
Insecure temporary file vulnerability in RedHat vsdm 4.9.6.
5.5
MEDIUM
CVE-2014-3470
all versions
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, w
CVE-2014-0224
all versions
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec mes
7.4
HIGH
CVE-2014-0221
all versions
The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allow
CVE-2014-0160
all versions
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which
7.5
HIGH
CVE-2012-4406
all versions
OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loadin
9.8
CRITICAL
CVE-2012-0876
all versions
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions
CVE-2012-0037
all versions
Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5
6.5
MEDIUM
CVE-2012-1938
all versions
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey
CVE-2012-1798
all versions
The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of ser
6.5
MEDIUM
CVE-2012-0260
all versions
The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of servic
6.5
MEDIUM
CVE-2012-0248
all versions
ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image
5.5
MEDIUM
CVE-2012-0247
all versions
ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbi
8.8
HIGH
CVE-2012-1823
all versions
sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly
9.8
CRITICAL
CVE-2011-3045
all versions
Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before
8.8
HIGH
CVE-2012-0053
all versions
protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad
CVE-2012-0031
all versions
scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash durin
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin