Product:

Enterprise_linux_workstation

(Redhat)
Repositories https://github.com/torvalds/linux
https://github.com/krb5/krb5
https://github.com/ceph/ceph
https://github.com/libarchive/libarchive
https://github.com/kyz/libmspack
https://github.com/LibRaw/LibRaw
https://github.com/rubygems/rubygems
https://github.com/madler/zlib
https://github.com/fedora-selinux/setroubleshoot
https://github.com/ntp-project/ntp
https://github.com/mdadams/jasper
https://github.com/neomutt/neomutt
https://github.com/mysql/mysql-server
https://github.com/openbsd/src
https://github.com/abrt/abrt
• git://git.openssl.org/openssl.git
https://github.com/requests/requests
https://github.com/glennrp/libpng
https://github.com/paramiko/paramiko
https://github.com/uclouvain/openjpeg
https://github.com/qos-ch/slf4j
https://github.com/rpm-software-management/yum-utils
https://github.com/mjg59/linux
https://github.com/mm2/Little-CMS
https://github.com/ImageMagick/ImageMagick
https://github.com/szukw000/openjpeg
https://github.com/candlepin/subscription-manager
https://github.com/Perl/perl5
https://github.com/git/git
https://github.com/sosreport/sos-collector
https://github.com/codehaus-plexus/plexus-archiver
https://github.com/dogtagpki/pki
https://github.com/karelzak/util-linux
https://github.com/GNOME/evince
https://git.savannah.gnu.org/git/patch.git
https://github.com/UNINETT/mod_auth_mellon
https://github.com/flori/json
https://github.com/flatpak/flatpak
https://github.com/SELinuxProject/selinux
https://github.com/jpirko/libndp
https://github.com/libguestfs/hivex
https://github.com/vadz/libtiff
https://github.com/jquery/jquery-ui
#Vulnerabilities 1723
Date Id Summary Products Score Patch Annotated
2017-08-08 CVE-2017-3641 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0... Debian_linux, Mariadb, Mysql, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Openstack 4.9
2015-10-21 CVE-2015-4802 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4792. Ubuntu_linux, Debian_linux, Fedora, Mariadb, Leap, Opensuse, Linux, Mysql, Solaris, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation N/A
2014-01-15 CVE-2014-0393 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB. Ubuntu_linux, Debian_linux, Mariadb, Mysql, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation N/A
2012-10-17 CVE-2012-3167 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search. Ubuntu_linux, Debian_linux, Mariadb, Mysql, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation N/A
2017-01-27 CVE-2017-3243 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts). Debian_linux, Mariadb, Mysql, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation 4.4
2018-10-23 CVE-2018-18585 chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name). Ubuntu_linux, Debian_linux, Libmspack, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Starwind_virtual_san, Linux_enterprise_server 4.3
2022-01-28 CVE-2021-4034 A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code.... Ubuntu_linux, Http_server, Zfs_storage_appliance_kit, Polkit, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_server_update_services_for_sap_solutions, Enterprise_linux_workstation, Scalance_lpe9403_firmware, Sinumerik_edge, Command_center, Starwind_hyperconverged_appliance, Starwind_virtual_san, Enterprise_storage, Linux_enterprise_desktop, Linux_enterprise_high_performance_computing, Linux_enterprise_server, Linux_enterprise_workstation_extension, Manager_proxy, Manager_server 7.8
2021-03-03 CVE-2020-27779 A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Fedora, Grub2, Ontap_select_deploy_administration_utility, Enterprise_linux, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation 7.5
2022-02-18 CVE-2020-25719 A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise. Ubuntu_linux, Debian_linux, Fedora, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_for_scientific_computing, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_server_update_services_for_sap_solutions, Enterprise_linux_workstation, Samba 7.2
2017-10-19 CVE-2017-10274 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to... Debian_linux, Active_iq_unified_manager, Cloud_backup, E\-Series_santricity_management_plug\-Ins, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, E\-Series_santricity_web_services, Element_software, Oncommand_balance, Oncommand_insight, Oncommand_performance_manager, Oncommand_shift, Oncommand_unified_manager, Oncommand_workflow_automation, Plug\-In_for_symantec_netbackup, Snapmanager, Steelstore_cloud_integrated_storage, Storage_replication_adapter_for_clustered_data_ontap, Vasa_provider_for_clustered_data_ontap, Virtual_storage_console, Jdk, Jre, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation 6.8