Enterprise_linux_server_tus - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Enterprise_linux_server_tus
(Redhat)

Repositories

• https://github.com/torvalds/linux
• https://github.com/rubygems/rubygems
• https://github.com/krb5/krb5
• https://github.com/neomutt/neomutt
• https://github.com/mdadams/jasper

• https://github.com/golang/go
• git://git.openssl.org/openssl.git
• https://github.com/apache/httpd
• https://github.com/mm2/Little-CMS
• https://github.com/qos-ch/slf4j
• https://github.com/uclouvain/openjpeg
• https://github.com/SELinuxProject/selinux
• https://github.com/FreeRDP/FreeRDP
• https://github.com/Perl/perl5
• https://github.com/openssh/openssh-portable
• https://github.com/openbsd/src
• https://github.com/mysql/mysql-server
• https://github.com/paramiko/paramiko
• https://github.com/ImageMagick/ImageMagick
• https://github.com/git/git
• https://github.com/GNOME/evince
• https://git.savannah.gnu.org/git/patch.git
• https://github.com/UNINETT/mod_auth_mellon
• https://github.com/flori/json
• https://github.com/flatpak/flatpak
• https://github.com/vadz/libtiff

#Vulnerabilities

760

Date	Id	Summary	Products	Score	Patch	Annotated
2015-07-06	CVE-2015-3281	The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request.	Ubuntu_linux, Debian_linux, Haproxy, Openstack_cloud, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Linux_enterprise_high_availability_extension	N/A
2019-09-03	CVE-2019-1125	An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to elevate user rights directly, but it could be used to obtain information that could be used...	Windows_10, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Virtualization_host	5.6
2015-01-09	CVE-2014-9529	Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key.	Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation	N/A
2020-02-07	CVE-2019-15604	Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate	Debian_linux, Node\.js, Leap, Communications_cloud_native_core_network_function_cloud_native_environment, Graalvm, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Software_collections	7.5
2020-02-07	CVE-2019-15605	HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed	Debian_linux, Fedora, Node\.js, Leap, Graalvm, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Software_collections	9.8
2019-09-19	CVE-2019-14821	An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of...	Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Aff_a700s_firmware, Data_availability_services, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610s_firmware, H700e_firmware, H700s_firmware, Hci_management_node, Solidfire, Leap, Sd\-Wan_edge, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_for_real_time, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Virtualization_host	8.8
2014-02-06	CVE-2014-1477	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.	Ubuntu_linux, Debian_linux, Fedora, Firefox, Firefox_esr, Seamonkey, Thunderbird, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit	9.8
2014-02-06	CVE-2014-1479	The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.	Ubuntu_linux, Debian_linux, Fedora, Firefox, Firefox_esr, Seamonkey, Thunderbird, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit	7.5
2014-02-06	CVE-2014-1481	Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.	Ubuntu_linux, Debian_linux, Fedora, Firefox, Firefox_esr, Seamonkey, Thunderbird, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit	7.5
2014-02-06	CVE-2014-1482	RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.	Ubuntu_linux, Debian_linux, Fedora, Firefox, Firefox_esr, Seamonkey, Thunderbird, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit	8.8