Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_linux
(Redhat)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-04-10 | CVE-2020-11669 | An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd. | Linux_kernel, Leap, Enterprise_linux | N/A | ||
| 2005-04-27 | CVE-2005-0087 | The alsa-lib package in Red Hat Linux 4 disables stack protection for the libasound.so library, which makes it easier for attackers to execute arbitrary code if there are other vulnerabilities in the library. | Alsa\-Lib, Enterprise_linux | N/A | ||
| 2019-09-11 | CVE-2019-16233 | drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | Ubuntu_linux, Linux_kernel, Leap, Enterprise_linux | N/A | ||
| 2019-09-11 | CVE-2019-16231 | drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | Ubuntu_linux, Linux_kernel, Leap, Enterprise_linux | N/A | ||
| 2018-05-30 | CVE-2018-11235 | In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that runs "git clone --recurse-submodules" because submodule "names" are obtained from this file, and then appended to $GIT_DIR/modules, leading to directory traversal with "../" in a name. Finally, post-checkout hooks from a submodule are executed,... | Ubuntu_linux, Debian_linux, Git, Git, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_eus, Enterprise_linux_workstation | 7.8 | ||
| 2019-11-18 | CVE-2019-19081 | A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause a denial of service (memory consumption), aka CID-8ce39eb5a67a. | Linux_kernel, Leap, Enterprise_linux | N/A | ||
| 2019-09-13 | CVE-2019-15030 | In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check. | Ubuntu_linux, Linux_kernel, Leap, Enterprise_linux | N/A | ||
| 2016-10-25 | CVE-2016-1000033 | Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks. | Shotwell, Enterprise_linux | N/A | ||
| 2020-02-17 | CVE-2014-8089 | SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2.3.3, when using the sqlsrv PHP extension, allows remote attackers to execute arbitrary SQL commands via a null byte. | Fedora, Enterprise_linux, Zend_framework | N/A | ||
| 2020-02-11 | CVE-2009-4067 | Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system. | Linux_kernel, Enterprise_linux | N/A |