Vulnérabilités

Aggrégat CVE / GHSA / KEV / OSV — filtrage par étiquette et catégorie.

KEV

Catégories

Tous 🌐 Web Application 🧭 Browser 🖥️ Operating System 📱 Mobile 🛰️ Network Infrastructure ☁️ Cloud / Container 📝 CMS / Site Builder 🗄️ Database / Storage 🔐 Auth / Identity 🔑 Cryptography 🛠️ DevOps / CI-CD 🤖 AI / ML 🔌 IoT / Embedded 🧩 Hardware / Firmware 🏢 Enterprise SaaS 🧰 Developer Tooling ☠️ Malicious Package 📦 Other

Groupes d'étiquettes

Tous 💬 Programming Languages 22 🧱 Web Frameworks 29 📱 Mobile Platforms 6 🤖 AI/ML Frameworks 11 🖥️ Web Servers 9 🗄️ Databases 13 📝 CMS 9 ☁️ Cloud Platforms 11 📦 Container Tech 12 🖥️ Operating Systems 15 ⚔️ Attack Types 25 🧬 CWE 185 🏢 Vendors 581 📦 Products 666 🌳 Package Ecosystems 24 🛠️ DevOps Tools 17 📡 Protocols 15

Étiquettes populaires (Top 40)

Rootio Linux419 Microsoft386 C237 Java183 Jre178 Java Min178 Bitnami178 Windows177 Rootdebian11175 Rootdebian12151 Linux130 Cwe 20125 Cwe 78120 Linux Kernel106 Cwe 787105 Apple99 Cwe 41699 Cwe 2296 Rootdebian1393 Cwe 11990 Cisco89 Denial of Service85 Cwe 9484 Multiple Products79 Adobe78 Google77 Cwe 50270 Cwe 7966 Cwe 8954 Apache47 Cwe 91844 Cwe 28443 Oracle42 Cwe 28741 JavaScript41 PHP41 Cwe 7740 Chromium V838 Cwe 30638 Cwe 84337

Filtre actif : Étiquette : enterprise-linux Effacer

ID	Titre	Gravité	Étiquettes	Détecté
CVE-2026-31431 KEV	[KEV] Vulnérabilité dans Linux redhat (CVE-2026-31431) vulnérabilité dans Linux redhat (CVE-2026-31431). L'exploitation peut entraîner la prise de contrôle totale du système. Inscrit au CISA KEV — exploitation active confirmée.	High	Cwe 669 Linux Linux Kernel Redhat +71	il y a 1 semaine
CVE-2026-3832	Vulnérabilité dans gnu (CVE-2026-3832) vulnérabilité dans gnu (CVE-2026-3832). Risque d'opérations non autorisées ou de divulgation.	Low	Cwe 179 Gnu Gnutls Redhat +3	il y a 1 semaine
CVE-2026-5201	Vulnérabilité dans dos (CVE-2026-5201) vulnérabilité dans dos (CVE-2026-5201). Risque d'opérations non autorisées ou de divulgation.	High	Denial of Service Cwe 122 Gnome Gdk Pixbuf +4	il y a 1 mois
CVE-2026-5119	Vulnérabilité dans gnome (CVE-2026-5119) vulnérabilité dans gnome (CVE-2026-5119). Des informations confidentielles peuvent être exposées.	Medium	Cwe 319 Gnome Libsoup Redhat +1	il y a 1 mois
CVE-2026-5121	Vulnérabilité dans libarchive (CVE-2026-5121) vulnérabilité dans libarchive (CVE-2026-5121). Des informations confidentielles peuvent être exposées.	High	Cwe 190 Libarchive Redhat Hardened Images +2	il y a 1 mois
CVE-2026-0966	Vulnérabilité dans dos (CVE-2026-0966) vulnérabilité dans dos (CVE-2026-0966). Risque d'opérations non autorisées ou de divulgation.	High	Denial of Service Cwe 124 Libssh Redhat +3	il y a 1 mois
CVE-2026-4775	Vulnérabilité dans dos (CVE-2026-4775) vulnérabilité dans dos (CVE-2026-4775). L'exploitation peut entraîner la prise de contrôle totale du système.	High	Denial of Service Cwe 190 Libtiff Redhat +4	il y a 1 mois
CVE-2026-4424	Lecture hors limites dans libarchive (CVE-2026-4424) vulnérabilité dans libarchive (CVE-2026-4424). Des informations confidentielles peuvent être exposées.	High	Cwe 125 Libarchive Redhat Hardened Images +5	il y a 1 mois
CVE-2026-4271	Use-After-Free dans dos (CVE-2026-4271) vulnérabilité dans dos (CVE-2026-4271). Risque d'opérations non autorisées ou de divulgation.	Medium	Denial of Service Cwe 416 Gnome Libsoup +2	il y a 1 mois
CVE-2025-14512	Vulnérabilité dans dos (CVE-2025-14512) vulnérabilité dans dos (CVE-2025-14512). Risque d'opérations non autorisées ou de divulgation.	Medium	Denial of Service Cwe 190 Gnome Glib +3	il y a 5 mois
CVE-2025-14087	Vulnérabilité dans dos (CVE-2025-14087) vulnérabilité dans dos (CVE-2025-14087). L'exploitation peut entraîner la prise de contrôle totale du système.	Medium	Denial of Service Cwe 190 Gnome Glib +2	il y a 5 mois
CVE-2025-32988	Vulnérabilité dans dos (CVE-2025-32988) vulnérabilité dans dos (CVE-2025-32988). Risque d'opérations non autorisées ou de divulgation.	Medium	Denial of Service Cwe 415 Gnu Gnutls +3	il y a 10 mois
CVE-2025-32989	Vulnérabilité dans gnu (CVE-2025-32989) vulnérabilité dans gnu (CVE-2025-32989). Risque d'opérations non autorisées ou de divulgation.	Medium	Cwe 295 Gnu Gnutls Redhat +2	il y a 10 mois
CVE-2025-6021	Vulnérabilité dans dos (CVE-2025-6021) vulnérabilité dans dos (CVE-2025-6021). Risque d'opérations non autorisées ou de divulgation.	High	Denial of Service Cwe 787 Xmlsoft Libxml2 +20	il y a 11 mois
CVE-2025-4598	Vulnérabilité dans systemd-project (CVE-2025-4598) vulnérabilité dans systemd-project (CVE-2025-4598). Des informations confidentielles peuvent être exposées.	Medium	Cwe 364 Systemd Project Systemd Redhat +7	il y a 11 mois
CVE-2025-26465	Vulnérabilité dans openbsd (CVE-2025-26465) vulnérabilité dans openbsd (CVE-2025-26465). Des informations confidentielles peuvent être exposées.	Medium	Cwe 390 OpenBSD Openssh Netapp +7	il y a 1 an
CVE-2024-6387	Vulnérabilité dans sonicwall (CVE-2024-6387) vulnérabilité dans sonicwall (CVE-2024-6387). L'exploitation peut entraîner la prise de contrôle totale du système.	High	Cwe 364 Cwe 362 Sonicwall Sma 6200 Firmware +89	il y a 1 an
CVE-2023-50781	Vulnérabilité dans redhat (CVE-2023-50781) vulnérabilité dans redhat (CVE-2023-50781). Des informations confidentielles peuvent être exposées.	High	Cwe 203 Redhat Enterprise Linux Update Infrastructure +2	il y a 2 ans
CVE-2023-52356	Vulnérabilité dans dos (CVE-2023-52356) vulnérabilité dans dos (CVE-2023-52356). Risque d'opérations non autorisées ou de divulgation.	High	Denial of Service Cwe 122 Cwe 787 Libtiff +2	il y a 2 ans
CVE-2023-48795	Vulnérabilité dans russh (CVE-2023-48795) vulnérabilité dans russh (CVE-2023-48795). Les données peuvent être altérées par des attaquants. Atténuation : mise à jour vers `0.40.2` ou plus.	Medium	JavaScript Java Go Ruby +100	il y a 2 ans
CVE-2023-4911 KEV	[KEV] Vulnérabilité dans Gnu c (CVE-2023-4911) vulnérabilité dans Gnu c (CVE-2023-4911). L'exploitation peut entraîner la prise de contrôle totale du système. Inscrit au CISA KEV — exploitation active confirmée.	High	Gnu Gnu C Library Cwe 122 C +56	il y a 2 ans
CVE-2023-6121	Lecture hors limites dans redhat (CVE-2023-6121) vulnérabilité dans redhat (CVE-2023-6121). Risque d'opérations non autorisées ou de divulgation.	Medium	Cwe 125 Redhat Enterprise Linux	il y a 2 ans
CVE-2023-44487 KEV	[KEV] Vulnérabilité dans Ietf golang.org/x/net (CVE-2023-44487) vulnérabilité dans Ietf golang.org/x/net (CVE-2023-44487). Risque d'opérations non autorisées ou de divulgation. Exploitable via ``Channel``. Inscrit au CISA KEV — exploitation active confirmée. Atténuation : mise à jour vers `0.17.0` ou plus.	High	Ietf Http2 Cwe 400 Denial of Service +342	il y a 2 ans
CVE-2023-4806	Use-After-Free dans gnu (CVE-2023-4806) vulnérabilité dans gnu (CVE-2023-4806). Risque d'opérations non autorisées ou de divulgation.	Medium	Cwe 416 Gnu Glibc Redhat +22	il y a 2 ans
CVE-2023-4527	Vulnérabilité dans gnu (CVE-2023-4527) vulnérabilité dans gnu (CVE-2023-4527). Risque d'opérations non autorisées ou de divulgation.	Medium	Cwe 121 Cwe 125 Gnu Glibc +34	il y a 2 ans
CVE-2023-3019	Use-After-Free dans dos (CVE-2023-3019) vulnérabilité dans dos (CVE-2023-3019). Risque d'opérations non autorisées ou de divulgation.	Medium	Denial of Service Cwe 416 Qemu Redhat +1	il y a 2 ans
CVE-2023-1652	Use-After-Free dans c (CVE-2023-1652) vulnérabilité dans c (CVE-2023-1652). Des informations confidentielles peuvent être exposées.	High	C Cwe 416 Linux Linux Kernel +2	il y a 3 ans
CVE-2017-15102	The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by... The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occurs after a race condition and a NULL pointer derefe...	Medium	C Cwe 476 Linux Linux Kernel +4	il y a 8 ans
CVE-2016-8610	A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote... A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to...	High	Denial of Service Cwe 400 Openssl Debian +57	il y a 8 ans
CVE-2017-15087	It was discovered that the fix for CVE-2017-12163 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6. It was discovered that the fix for CVE-2017-12163 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.	High	Cwe 200 Redhat Gluster Storage Enterprise Linux	il y a 8 ans
CVE-2017-15086	It was discovered that the fix for CVE-2017-12151 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6. It was discovered that the fix for CVE-2017-12151 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.	High	Cwe 300 Redhat Gluster Storage Enterprise Linux	il y a 8 ans
CVE-2017-15085	It was discovered that the fix for CVE-2017-12150 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6. It was discovered that the fix for CVE-2017-12150 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.	Medium	Cwe 300 Cwe 200 Redhat Gluster Storage +1	il y a 8 ans
CVE-2017-1000111	Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety... Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The soluti...	High	Cwe 787 Linux Linux Kernel Redhat +9	il y a 8 ans
CVE-2015-7837	The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot res... The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secure_boot flag across kexec reboot.	Medium	Cwe 254 Redhat Enterprise Linux Enterprise Linux Desktop +4	il y a 8 ans
CVE-2015-7553	Race condition in the kernel in Red Hat Enterprise Linux 7, kernel-rt and Red Hat Enterprise MRG 2, when the nfnetlink_log module is loaded, allows local users to cause a denial of service (panic) by... Race condition in the kernel in Red Hat Enterprise Linux 7, kernel-rt and Red Hat Enterprise MRG 2, when the nfnetlink_log module is loaded, allows local users to cause a denial of service (panic) by creating netlink sockets.	Medium	Denial of Service Cwe 362 Redhat Enterprise Linux +2	il y a 8 ans
CVE-2017-10661	Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descripto... Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.	High	C Denial of Service Cwe 416 Linux +8	il y a 8 ans
CVE-2017-3106	Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion vulnerability when parsing SWF files. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion vulnerability when parsing SWF files. Successful exploitation could lead to arbitrary code execution.	High	Cwe 704 Redhat Enterprise Linux Enterprise Linux Desktop +14	il y a 8 ans
CVE-2017-3085	Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect. Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect.	High	Cwe 601 Adobe Flash Player Desktop Runtime Apple +14	il y a 8 ans
CVE-2014-0143	Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in... Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in block/parallels.c or (2) bochs_open function in bochs.c, a large L1 table in the (3) qcow2_snapshot_...	High	C Denial of Service Cwe 190 Redhat +2	il y a 8 ans
CVE-2017-10664	qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt. qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.	High	Denial of Service Qemu Debian Debian Linux +10	il y a 8 ans
CVE-2016-8743	Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represe... Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end a...	High	Apache Http Server Netapp Clustered Data Ontap +12	il y a 8 ans
CVE-2015-4035	scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not properly process file names containing semicolons, which allows remote attackers to execute arbitrary code by having a user run xz... scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not properly process file names containing semicolons, which allows remote attackers to execute arbitrary code by having a user run xzgrep on a crafted file name.	High	Cwe 20 Tukaani Xz Redhat +1	il y a 8 ans
CVE-2017-7980	Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vect... Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation.	High	Denial of Service Cwe 119 Qemu Canonical +13	il y a 8 ans
CVE-2016-4984	/usr/libexec/openldap/generate-server-cert.sh in openldap-servers sets weak permissions for the TLS certificate, which allows local users to obtain the TLS certificate by leveraging a race condition b... /usr/libexec/openldap/generate-server-cert.sh in openldap-servers sets weak permissions for the TLS certificate, which allows local users to obtain the TLS certificate by leveraging a race condition between the creation of the certificate, and the chmod to protect it.	Medium	Cwe 362 Openldap Openldap Servers Redhat +1	il y a 8 ans
CVE-2016-6312	The mod_dontdothat component of the mod_dav_svn Apache module in Subversion as packaged in Red Hat Enterprise Linux 5.11 does not properly detect recursion during entity expansion, which allows remote... The mod_dontdothat component of the mod_dav_svn Apache module in Subversion as packaged in Red Hat Enterprise Linux 5.11 does not properly detect recursion during entity expansion, which allows remote authenticated users with access to the webdav repository to cause a denial of service (memory consu...	Medium	Apache Denial of Service Cwe 400 Redhat +1	il y a 8 ans
CVE-2017-9788	In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assig... In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale v...	Critical	Apache Denial of Service Cwe 20 Cwe 200 +21	il y a 8 ans
CVE-2015-1795	Red Hat Gluster Storage RPM Package 3.2 allows local users to gain privileges and execute arbitrary code as root. Red Hat Gluster Storage RPM Package 3.2 allows local users to gain privileges and execute arbitrary code as root.	High	Cwe 264 Redhat Gluster Storage Enterprise Linux	il y a 8 ans
CVE-2017-9953	There is an invalid free in Image::printIFDStructure that leads to a Segmentation fault in Exiv2 0.26. A crafted input will lead to a remote denial of service attack. There is an invalid free in Image::printIFDStructure that leads to a Segmentation fault in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.	High	Denial of Service Cwe 416 Exiv2 Redhat +1	il y a 8 ans
CVE-2017-3167	In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being... In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.	Critical	Apache Cwe 287 Http Server Netapp +18	il y a 8 ans
CVE-2017-1000366	glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note... glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap...	High	Cwe 119 Redhat Enterprise Linux Enterprise Linux Desktop +25	il y a 8 ans

Vulnérabilités

🍪 À propos des cookies