Enterprise_linux - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Enterprise_linux
(Redhat)

Repositories

• https://github.com/torvalds/linux
• https://github.com/Perl/perl5
• https://github.com/ceph/ceph
• https://github.com/ClusterLabs/pcs
• https://github.com/mjg59/linux

• https://github.com/opencontainers/runc
• https://github.com/bonzini/qemu
• https://github.com/apache/httpd
• https://github.com/codehaus-plexus/plexus-archiver
• https://github.com/openssh/openssh-portable
• https://github.com/kyz/libmspack
• https://github.com/git/git
• https://github.com/mysql/mysql-server
• https://github.com/neomutt/neomutt
• https://github.com/php/php-src
• https://github.com/vadz/libtiff
• https://github.com/numpy/numpy
• https://github.com/bagder/curl
• https://github.com/ClusterLabs/pacemaker
• https://github.com/hercules-team/augeas

#Vulnerabilities

1618

Date	Id	Summary	Products	Score	Patch	Annotated
2019-11-27	CVE-2012-6655	An issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local users obtain encrypted passwords.	Accountsservice, Debian_linux, Opensuse, Enterprise_linux	N/A
2019-11-27	CVE-2011-2207	dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to cause a denial of service (DOS) via a specially-crafted certificate.	Debian_linux, Gnupg, Enterprise_linux	N/A
2019-11-25	CVE-2012-5521	quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal	Debian_linux, Quagga, Enterprise_linux	N/A
2019-11-26	CVE-2011-3632	Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks.	Debian_linux, Hardlink, Enterprise_linux	N/A
2019-11-26	CVE-2011-3631	Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in the calculation of the required memory space to be used. A remote attacker could provide a specially-crafted directory tree and trick the local user into consolidating it, leading to hardlink executable crash or potentially arbitrary code execution with user privileges.	Debian_linux, Hardlink, Enterprise_linux	N/A
2019-11-26	CVE-2011-3630	Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink executable crash, or, potentially arbitrary code execution with the privileges of the user running the hardlink executable.	Debian_linux, Hardlink, Enterprise_linux	N/A
2019-11-25	CVE-2012-5644	libuser has information disclosure when moving user's home directory	Debian_linux, Fedora, Libuser, Enterprise_linux	N/A
2019-11-25	CVE-2012-5630	libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees.	Fedora, Libuser, Enterprise_linux	N/A
2019-11-15	CVE-2011-2726	An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the ability to attach File upload fields to any entity type in the system or has the ability to point individual File upload fields to the private file directory in comments, and the parent node is denied access, non-privileged users can still download the file attached to the comment if they know or guess its direct URL.	Debian_linux, Drupal, Fedora, Enterprise_linux	N/A
2019-11-22	CVE-2012-0877	PyXML: Hash table collisions CPU usage Denial of Service	Pyxml, Enterprise_linux, Enterprise_virtualization_hypervisor	N/A