Enterprise_linux_desktop - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Enterprise_linux_desktop
(Redhat)

Repositories

• https://github.com/torvalds/linux
• https://github.com/krb5/krb5
• https://github.com/ceph/ceph
• https://github.com/libarchive/libarchive
• https://github.com/kyz/libmspack

• https://github.com/LibRaw/LibRaw
• https://github.com/rubygems/rubygems
• https://github.com/madler/zlib
• https://github.com/the-tcpdump-group/tcpdump
• https://github.com/fedora-selinux/setroubleshoot
• https://github.com/mdadams/jasper
• https://github.com/ntp-project/ntp
• https://github.com/neomutt/neomutt
• https://github.com/mm2/Little-CMS
• https://github.com/openbsd/src
• https://github.com/abrt/abrt
• https://github.com/mysql/mysql-server
• git://git.openssl.org/openssl.git
• https://github.com/dajobe/raptor
• https://github.com/qos-ch/slf4j
• https://github.com/uclouvain/openjpeg
• https://github.com/SELinuxProject/selinux
• https://github.com/FreeRDP/FreeRDP
• https://github.com/Perl/perl5
• https://github.com/codehaus-plexus/plexus-archiver
• https://github.com/jpirko/libndp
• https://github.com/candlepin/subscription-manager
• https://github.com/dogtagpki/pki
• https://github.com/szukw000/openjpeg
• https://github.com/rpm-software-management/yum-utils
• https://github.com/sosreport/sos-collector
• https://github.com/requests/requests
• https://github.com/glennrp/libpng
• https://github.com/paramiko/paramiko
• https://github.com/mjg59/linux
• https://github.com/ImageMagick/ImageMagick
• https://github.com/git/git
• https://github.com/karelzak/util-linux
• https://github.com/GNOME/evince
• https://git.savannah.gnu.org/git/patch.git
• https://github.com/UNINETT/mod_auth_mellon
• https://github.com/flori/json
• https://github.com/flatpak/flatpak
• https://github.com/libguestfs/hivex
• https://github.com/vadz/libtiff
• https://github.com/jquery/jquery-ui

#Vulnerabilities

1933

Date	Id	Summary	Products	Score	Patch	Annotated
2018-07-10	CVE-2018-1128	It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.	Ceph, Ceph_storage, Ceph_storage_mon, Ceph_storage_osd, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	7.5
2018-03-07	CVE-2018-7740	The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call.	Ubuntu_linux, Debian_linux, Linux_kernel, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Virtualization_host	5.5
2018-02-27	CVE-2018-7549	In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p.	Ubuntu_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Zsh	7.5
2018-02-12	CVE-2018-6927	The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.	Ubuntu_linux, Debian_linux, Linux_kernel, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Virtualization_host	7.8
2018-02-09	CVE-2018-6871	LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.	Ubuntu_linux, Debian_linux, Libreoffice, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation	9.8
2018-02-23	CVE-2018-6764	util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.	Ubuntu_linux, Debian_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Libvirt, Virtualization	7.8
2018-02-02	CVE-2018-6560	In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace handling in the daemon.	Flatpak, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation	8.8
2018-12-07	CVE-2018-5806	An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.	Libraw, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	6.5
2018-06-12	CVE-2018-5803	In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.	Debian_linux, Linux_kernel, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Virtualization_host	5.5
2018-12-07	CVE-2018-5801	An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference.	Ubuntu_linux, Debian_linux, Libraw, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	6.5