Product:

Enterprise_linux

(Redhat)
Date ID Summary Products Score Patch
2019-11-27 CVE-2019-14896 A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects to an AP. Fedora, Linux_kernel, Enterprise_linux N/A
2019-11-26 CVE-2011-3632 Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks. Debian_linux, Hardlink, Enterprise_linux N/A
2019-11-26 CVE-2011-3631 Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in the calculation of the required memory space to be used. A remote attacker could provide a specially-crafted directory tree and trick the local user into consolidating it, leading to hardlink executable crash or potentially arbitrary code execution with user privileges. Debian_linux, Hardlink, Enterprise_linux N/A
2019-11-26 CVE-2011-3630 Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink executable crash, or, potentially arbitrary code execution with the privileges of the user running the hardlink executable. Debian_linux, Hardlink, Enterprise_linux N/A
2019-11-25 CVE-2019-14822 A flaw was discovered in ibus that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical interface, change the input method engine, or modify other input related configurations of the victim user. Ibus, Enterprise_linux N/A
2019-11-25 CVE-2019-14815 A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver. Linux_kernel, Enterprise_linux N/A
2019-11-25 CVE-2012-5644 libuser has information disclosure when moving user's home directory Debian_linux, Fedora, Libuser, Enterprise_linux N/A
2019-11-25 CVE-2012-5630 libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees. Fedora, Libuser, Enterprise_linux N/A
2019-11-15 CVE-2011-2726 An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the ability to attach File upload fields to any entity type in the system or has the ability to point individual File upload fields to the private file directory in comments, and the parent node is denied access, non-privileged users can still download the file attached to the comment if they know or guess its direct URL. Debian_linux, Drupal, Fedora, Enterprise_linux N/A
2019-11-22 CVE-2012-0877 PyXML: Hash table collisions CPU usage Denial of Service Pyxml, Enterprise_linux, Enterprise_virtualization_hypervisor N/A