Enterprise_linux_desktop - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Enterprise_linux_desktop
(Redhat)

Repositories

• https://github.com/torvalds/linux
• https://github.com/krb5/krb5
• https://github.com/ceph/ceph
• https://github.com/libarchive/libarchive
• https://github.com/kyz/libmspack

• https://github.com/LibRaw/LibRaw
• https://github.com/rubygems/rubygems
• https://github.com/madler/zlib
• https://github.com/the-tcpdump-group/tcpdump
• https://github.com/fedora-selinux/setroubleshoot
• https://github.com/mdadams/jasper
• https://github.com/ntp-project/ntp
• https://github.com/neomutt/neomutt
• https://github.com/mm2/Little-CMS
• https://github.com/openbsd/src
• https://github.com/abrt/abrt
• https://github.com/mysql/mysql-server
• git://git.openssl.org/openssl.git
• https://github.com/dajobe/raptor
• https://github.com/qos-ch/slf4j
• https://github.com/uclouvain/openjpeg
• https://github.com/SELinuxProject/selinux
• https://github.com/FreeRDP/FreeRDP
• https://github.com/Perl/perl5
• https://github.com/codehaus-plexus/plexus-archiver
• https://github.com/jpirko/libndp
• https://github.com/candlepin/subscription-manager
• https://github.com/dogtagpki/pki
• https://github.com/szukw000/openjpeg
• https://github.com/rpm-software-management/yum-utils
• https://github.com/sosreport/sos-collector
• https://github.com/requests/requests
• https://github.com/glennrp/libpng
• https://github.com/paramiko/paramiko
• https://github.com/mjg59/linux
• https://github.com/ImageMagick/ImageMagick
• https://github.com/git/git
• https://github.com/karelzak/util-linux
• https://github.com/GNOME/evince
• https://git.savannah.gnu.org/git/patch.git
• https://github.com/UNINETT/mod_auth_mellon
• https://github.com/flori/json
• https://github.com/flatpak/flatpak
• https://github.com/libguestfs/hivex
• https://github.com/vadz/libtiff
• https://github.com/jquery/jquery-ui

#Vulnerabilities

1933

Date	Id	Summary	Products	Score	Patch	Annotated
2018-06-11	CVE-2017-5456	A mechanism to bypass file system access protections in the sandbox using the file system request constructor through an IPC message. This allows for read and write access to the local file system. This vulnerability affects Firefox ESR < 52.1 and Firefox < 53.	Firefox, Firefox_esr, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation	9.8
2018-06-11	CVE-2017-5455	The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and escalation of privilege if combined with another vulnerability that resulted in remote code execution inside the sandboxed process. This vulnerability affects Firefox ESR < 52.1 and Firefox < 53.	Firefox, Firefox_esr, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation	7.5
2018-06-11	CVE-2017-5405	Certain response codes in FTP connections can result in the use of uninitialized values for ports in FTP operations. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.	Debian_linux, Firefox, Firefox_esr, Thunderbird, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation	5.3
2018-06-11	CVE-2017-5390	The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.	Debian_linux, Firefox, Firefox_esr, Thunderbird, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation	9.8
2018-06-11	CVE-2017-5386	WebExtension scripts can use the "data:" protocol to affect pages loaded by other web extensions using this protocol, leading to potential data disclosure or privilege escalation in affected extensions. This vulnerability affects Firefox ESR < 45.7 and Firefox < 51.	Debian_linux, Firefox, Firefox_esr, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation	7.3
2017-02-12	CVE-2017-3302	Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3.	Debian_linux, Mariadb, Mysql, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation	7.5
2019-01-16	CVE-2017-3143	An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2.	Debian_linux, Bind, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation	5.9
2017-10-17	CVE-2017-13088	Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.	Ubuntu_linux, Debian_linux, Freebsd, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Linux_enterprise_desktop, Linux_enterprise_point_of_sale, Linux_enterprise_server, Openstack_cloud, Hostapd, Wpa_supplicant	5.3
2017-10-17	CVE-2017-13087	Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.	Ubuntu_linux, Debian_linux, Freebsd, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Linux_enterprise_desktop, Linux_enterprise_point_of_sale, Linux_enterprise_server, Openstack_cloud, Hostapd, Wpa_supplicant	5.3
2017-10-17	CVE-2017-13086	Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.	Ubuntu_linux, Debian_linux, Freebsd, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Linux_enterprise_desktop, Linux_enterprise_point_of_sale, Linux_enterprise_server, Openstack_cloud, Hostapd, Wpa_supplicant	6.8