Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_linux_server
(Redhat)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-12-24 | CVE-2019-19925 | zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. | Debian_linux, Cloud_backup, Backports_sle, Leap, Mysql_workbench, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Sinec_infrastructure_network_services, Sqlite, Package_hub | 7.5 | ||
2018-09-04 | CVE-2018-10926 | A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node. | Debian_linux, Glusterfs, Leap, Enterprise_linux, Enterprise_linux_server, Virtualization_host | 8.8 | ||
2018-09-04 | CVE-2018-10927 | A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. An authenticated attacker could use this flaw to leak information and execute remote denial of service by crashing gluster brick process. | Debian_linux, Glusterfs, Leap, Enterprise_linux_server, Virtualization_host | 8.1 | ||
2018-09-04 | CVE-2018-10928 | A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on glusterfs server nodes. | Debian_linux, Glusterfs, Leap, Enterprise_linux, Enterprise_linux_server, Gluster_storage, Virtualization_host | 8.8 | ||
2018-09-04 | CVE-2018-10929 | A flaw was found in RPC request using gfs2_create_req in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes. | Debian_linux, Glusterfs, Leap, Enterprise_linux_server, Virtualization_host | 8.8 | ||
2019-01-16 | CVE-2018-5740 | "deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2. | Ubuntu_linux, Debian_linux, Hp\-Ux, Bind, Data_ontap_edge, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation | 7.5 | ||
2020-01-08 | CVE-2019-17024 | Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72. | Ubuntu_linux, Debian_linux, Firefox, Firefox_esr, Leap, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 8.8 | ||
2018-10-08 | CVE-2018-1000805 | Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity. | Ubuntu_linux, Debian_linux, Paramiko, Ansible_tower, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Virtualization_host | 8.8 | ||
2006-10-10 | CVE-2006-5170 | pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pam_authenticate function to return a success code even if authentication has failed, as originally reported for xscreensaver. | Debian_linux, Fedora_core, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_power_big_endian, Enterprise_linux_server, Enterprise_linux_workstation | N/A | ||
2007-12-18 | CVE-2007-6283 | Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named. | Centos, Fedora_core, Linux, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_power_big_endian, Enterprise_linux_server, Enterprise_linux_workstation | N/A |