Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_linux_desktop
(Redhat)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-06-12 | CVE-2019-7845 | Adobe Flash Player versions 32.0.0.192 and earlier, 32.0.0.192 and earlier, and 32.0.0.192 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution. | Flash_player, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 8.8 | ||
2019-12-18 | CVE-2019-19880 | exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. | Debian_linux, Cloud_backup, Backports_sle, Leap, Mysql_workbench, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Sinec_infrastructure_network_services, Sqlite, Package_hub | 7.5 | ||
2019-12-23 | CVE-2019-19926 | multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880. | Debian_linux, Cloud_backup, Backports_sle, Leap, Mysql_workbench, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Sinec_infrastructure_network_services, Sqlite, Package_hub | 7.5 | ||
2019-12-24 | CVE-2019-19923 | flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results). | Debian_linux, Cloud_backup, Backports_sle, Leap, Mysql_workbench, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Sinec_infrastructure_network_services, Sqlite, Package_hub | 7.5 | ||
2019-12-24 | CVE-2019-19925 | zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. | Debian_linux, Cloud_backup, Backports_sle, Leap, Mysql_workbench, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Sinec_infrastructure_network_services, Sqlite, Package_hub | 7.5 | ||
2019-01-16 | CVE-2018-5740 | "deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2. | Ubuntu_linux, Debian_linux, Hp\-Ux, Bind, Data_ontap_edge, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation | 7.5 | ||
2020-01-08 | CVE-2019-17024 | Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72. | Ubuntu_linux, Debian_linux, Firefox, Firefox_esr, Leap, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 8.8 | ||
2018-10-08 | CVE-2018-1000805 | Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity. | Ubuntu_linux, Debian_linux, Paramiko, Ansible_tower, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Virtualization_host | 8.8 | ||
2006-10-10 | CVE-2006-5170 | pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pam_authenticate function to return a success code even if authentication has failed, as originally reported for xscreensaver. | Debian_linux, Fedora_core, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_power_big_endian, Enterprise_linux_server, Enterprise_linux_workstation | N/A | ||
2007-12-18 | CVE-2007-6283 | Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named. | Centos, Fedora_core, Linux, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_power_big_endian, Enterprise_linux_server, Enterprise_linux_workstation | N/A |