Redhat: Security Vulnerabilities
A vulnerability was found in Keycloak 7.x: when Keycloak is configured with LDAP user federation and StartTLS is used instead of SSL/TLS (ldaps) for the connection to the LDAP server, user authentication succeeds even if an invalid password has been entered.
CVSS Score: 9.3 | EPSS Score: 0.004 | Published: 2019-12-05
A vulnerability was found in Keycloak 7.x: when the user federation LDAP bind type is none (LDAP anonymous bind), any password, valid or invalid, is accepted.
CVSS Score: 9.3 | EPSS Score: 0.003 | Published: 2019-12-04
In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd handshakes fails because the password element cannot be found within 10 iterations of the hunting and pecking loop. This leaks information that an attacker can use to recover the password of any user. This information leakage is similar to the "Dragonblood" attack and CVE-2019-9494.
CVSS Score: 6.5 | EPSS Score: 0.002 | Published: 2019-12-03
Zanata 3.0.0 through 3.1.2 is vulnerable to remote code execution (RCE) due to EL (Expression Language) interpolation in logging.
CVSS Score: 9.8 | EPSS Score: 0.005 | Published: 2019-12-03
shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees.
CVSS Score: 4.7 | EPSS Score: 0.001 | Published: 2019-12-03
Katello has multiple XSS issues in various entities.
CVSS Score: 5.4 | EPSS Score: 0.003 | Published: 2019-12-03
OpenShift cartridge allows remote URL retrieval.
CVSS Score: 8.1 | EPSS Score: 0.003 | Published: 2019-12-03
A flaw was found in rhn-proxy. This vulnerability may allow rhn-proxy to transmit user credentials in cleartext when it accesses RHN Satellite. This could lead to information disclosure, where sensitive authentication details are exposed to unauthorized parties.
CVSS Score: 8.6 | EPSS Score: 0.006 | Published: 2019-12-02
A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.
CVSS Score: 5.9 | EPSS Score: 0.0 | Published: 2019-11-29
In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call, aka CID-345c0dbf3a30.
CVSS Score: 6.5 | EPSS Score: 0.004 | Published: 2019-11-27
Shodan ® - All rights reserved