Redhat: Security Vulnerabilities
redhat-certification 7 does not properly restrict the number of recursive definitions of entities in XML documents, allowing an unauthenticated user to run a "Billion Laugh Attack" by replying to XMLRPC methods when getting the status of a host.
CVSS Score
7.5
EPSS Score
0.012
Published
2021-05-26
IBM Cloud Pak for Data 3.0 could allow an authenticated user to obtain sensitive information when installed with additional plugins. IBM X-Force ID: 197668.
CVSS Score
5.3
EPSS Score
0.002
Published
2021-05-26
A flaw was found in an Ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.
CVSS Score
5.5
EPSS Score
0.0
Published
2021-05-26
A vulnerability was found in which the 3scale dev portal does not employ mechanisms for protection against login CSRF. An attacker could use this flaw to access unauthorized information or conduct further attacks.
CVSS Score
8.8
EPSS Score
0.003
Published
2021-05-26
A flaw was found in libvirt in the virConnectListAllNodeDevices API in versions before 7.0.0. It only affects hosts with a PCI device and driver that supports mediated devices (e.g., GRID driver). This flaw could be used by an unprivileged client with a read-only connection to crash the libvirt daemon by executing the 'nodedev-list' virsh command. The highest threat from this vulnerability is to system availability.
CVSS Score
6.5
EPSS Score
0.004
Published
2021-05-24
A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16().
CVSS Score
9.1
EPSS Score
0.004
Published
2021-05-21
A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter().
CVSS Score
9.1
EPSS Score
0.005
Published
2021-05-21
A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16().
CVSS Score
9.8
EPSS Score
0.004
Published
2021-05-21
A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE24().
CVSS Score
9.1
EPSS Score
0.006
Published
2021-05-21
A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes().
CVSS Score
9.1
EPSS Score
0.001
Published
2021-05-21



Shodan ® - All rights reserved