Product:

Enterprise_linux_server_aus

(Redhat)
Date Id Summary Products Score Patch Annotated
2018-01-23 CVE-2018-5950 Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL. Ubuntu_linux, Debian_linux, Mailman, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation 6.1
2019-03-08 CVE-2019-9636 Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A specially crafted URL could be incorrectly parsed to locate cookies or authentication data and send that information to a different host... Fedora, Leap, Python, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation 9.8
2014-09-30 CVE-2014-6055 Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a rfbFileTransferOffer message. Debian_linux, Fedora, Libvncserver, Enterprise_linux_server_aus, Enterprise_linux_server_eus N/A
2014-09-30 CVE-2014-6051 Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via an advertisement for a large screen size, which triggers a heap-based buffer overflow. Debian_linux, Fedora, Libvncserver, Solaris, Enterprise_linux_server_aus, Enterprise_linux_server_eus N/A
2018-02-19 CVE-2018-7225 An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets. Ubuntu_linux, Debian_linux, Libvncserver, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation 9.8
2018-12-19 CVE-2018-15127 LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution Ubuntu_linux, Debian_linux, Libvncserver, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation 9.8
2017-09-14 CVE-2017-12987 The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements(). Debian_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Tcpdump 9.8
2017-09-14 CVE-2017-12902 The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions. Debian_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Tcpdump 9.8
2017-09-14 CVE-2017-12899 The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print(). Debian_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Tcpdump 9.8
2017-09-14 CVE-2017-12896 The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print(). Debian_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Tcpdump 9.8