CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Redhat : Security Vulnerabilities (CVSS score between 7 and 7.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2016-2141 264 Bypass 2016-06-30 2016-07-13
7.5
None Remote Low Not required Partial Partial Partial
JGroups before 4.0 does not require the proper headers for the ENCRYPT and AUTH protocols from nodes joining the cluster, which allows remote attackers to bypass security restrictions and send and receive messages within the cluster via unspecified vectors.
2 CVE-2016-2109 399 DoS 2016-05-04 2016-07-22
7.8
None Remote Low Not required None None Complete
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory consumption) via a short invalid encoding.
3 CVE-2016-2074 119 Exec Code Overflow 2016-07-03 2016-07-15
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command.
4 CVE-2016-1666 DoS 2016-05-14 2016-07-15
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
5 CVE-2016-0791 200 Bypass +Info CSRF 2016-04-07 2016-07-14
7.5
None Remote Low Not required Partial Partial Partial
Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time algorithm to verify CSRF tokens, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force approach.
6 CVE-2016-0758 Overflow +Priv 2016-06-27 2016-07-26
7.2
None Local Low Not required Complete Complete Complete
Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.
7 CVE-2016-0741 399 DoS 2016-04-19 2016-04-25
7.8
None Remote Low Not required None None Complete
slapd/connection.c in 389 Directory Server (formerly Fedora Directory Server) 1.3.4.x before 1.3.4.7 allows remote attackers to cause a denial of service (infinite loop and connection blocking) by leveraging an abnormally closed connection.
8 CVE-2016-0546 Overflow 2016-01-20 2016-07-26
7.2
None Local Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.
9 CVE-2015-8327 Exec Code 2015-12-17 2016-06-28
7.5
None Remote Low Not required Partial Partial Partial
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.
10 CVE-2015-8103 77 Exec Code 2015-11-25 2016-06-13
7.5
None Remote Low Not required Partial Partial Partial
The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to execute arbitrary code via a crafted serialized Java object, related to a problematic webapps/ROOT/WEB-INF/lib/commons-collections-*.jar file and the "Groovy variant in 'ysoserial'".
11 CVE-2015-7545 20 Exec Code 2016-04-13 2016-06-09
7.5
None Remote Low Not required Partial Partial Partial
The (1) git-remote-ext and (2) unspecified other remote helper programs in Git before 2.3.10, 2.4.x before 2.4.10, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 do not properly restrict the allowed protocols, which might allow remote attackers to execute arbitrary code via a URL in a (a) .gitmodules file or (b) unknown other sources in a submodule.
12 CVE-2015-7539 345 Exec Code 2016-02-03 2016-06-13
7.6
None Remote High Not required Complete Complete Complete
The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted plugin.
13 CVE-2015-5364 399 DoS 2015-08-31 2016-07-20
7.8
None Remote Low Not required None None Complete
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood.
14 CVE-2015-5329 264 2016-04-11 2016-04-13
7.5
None Remote Low Not required Partial Partial Partial
The TripleO Heat templates (tripleo-heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 7.0, do not properly use the configured RabbitMQ credentials, which makes it easier for remote attackers to obtain access to services in deployed overclouds by leveraging knowledge of the default credentials.
15 CVE-2015-5325 284 Bypass 2015-11-25 2016-06-13
7.5
None Remote Low Not required Partial Partial Partial
Jenkins before 1.638 and LTS before 1.625.2 allow attackers to bypass intended slave-to-master access restrictions by leveraging a JNLP slave. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3665.
16 CVE-2015-5312 399 DoS 2015-12-15 2016-06-09
7.1
None Remote Medium Not required None None Complete
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
17 CVE-2015-5277 119 DoS Overflow +Priv 2015-12-17 2016-06-09
7.2
None Local Low Not required Complete Complete Complete
The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database.
18 CVE-2015-5260 119 DoS Exec Code Overflow Mem. Corr. 2016-06-07 2016-06-07
7.2
None Local Low Not required Complete Complete Complete
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter.
19 CVE-2015-5254 20 Exec Code 2016-01-08 2016-06-28
7.5
None Remote Low Not required Partial Partial Partial
Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object.
20 CVE-2015-5225 119 DoS Exec Code Overflow Mem. Corr. 2015-11-06 2015-11-09
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the server display surface.
21 CVE-2015-5157 264 +Priv 2015-08-31 2016-07-20
7.2
None Local Low Not required Complete Complete Complete
arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI.
22 CVE-2015-4819 2015-10-21 2016-05-25
7.2
None Local Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs.
23 CVE-2015-4643 119 Exec Code Overflow 2016-05-16 2016-06-22
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4022.
24 CVE-2015-4598 20 Bypass 2016-05-16 2016-06-22
7.5
None Remote Low Not required Partial Partial Partial
PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument save method or (2) the GD imagepsloadfont function, as demonstrated by a filename\0.html attack that bypasses an intended configuration in which client users may write to only .html files.
25 CVE-2015-4147 19 Exec Code 2015-06-09 2016-07-13
7.5
None Remote Low Not required Partial Partial Partial
The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a "type confusion" issue.
26 CVE-2015-4026 19 Bypass 2015-06-09 2016-06-22
7.5
None Remote Low Not required Partial Partial Partial
The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.
27 CVE-2015-4025 19 Bypass 2015-06-09 2016-06-22
7.5
None Remote Low Not required Partial Partial Partial
PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character in certain situations, which allows remote attackers to bypass intended extension restrictions and access files or directories with unexpected names via a crafted argument to (1) set_include_path, (2) tempnam, (3) rmdir, or (4) readlink. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.
28 CVE-2015-4022 189 Exec Code Overflow 2015-06-09 2016-06-22
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.
29 CVE-2015-3456 119 DoS Exec Code Overflow 2015-05-13 2016-06-16
7.7
None Local Network Low Single system Complete Complete Complete
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.
30 CVE-2015-3329 119 Exec Code Overflow 2015-06-09 2016-06-22
7.5
None Remote Low Not required Partial Partial Partial
Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive.
31 CVE-2015-3307 119 DoS Overflow 2015-06-09 2016-06-23
7.5
None Remote Low Not required Partial Partial Partial
The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption) or possibly have unspecified other impact via a crafted tar archive.
32 CVE-2015-3246 264 DoS +Priv 2015-08-11 2015-08-11
7.2
Admin Local Low Not required Complete Complete Complete
libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (inconsistent file state) by causing an error during the modification. NOTE: this issue can be combined with CVE-2015-3245 to gain privileges.
33 CVE-2015-2787 Exec Code 2015-03-30 2016-06-27
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231.
34 CVE-2015-2775 22 Dir. Trav. 2015-04-13 2015-07-13
7.6
None Remote High Not required Complete Complete Complete
Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.
35 CVE-2015-2301 DoS 2015-03-30 2016-06-23
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file.
36 CVE-2015-1818 2015-08-11 2015-08-11
7.5
None Remote Low Not required Partial Partial Partial
XML external entity (XXE) vulnerability in the dashbuilder import facility (DocumentBuilders in org.jboss.dashboard.export.ImportManagerImpl) in Red Hat JBoss BPM Suite before 6.1.2 allows remote attackers to read arbitrary files, conduct server-side request forgery (SSRF) attacks, and have other unspecified impact via a crafted XML document.
37 CVE-2015-1814 264 +Priv 2015-10-16 2016-06-15
7.5
None Remote Low Not required Partial Partial Partial
The API token-issuing service in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to gain privileges via a "forced API token change" involving anonymous users.
38 CVE-2015-1779 399 DoS 2016-01-12 2016-01-15
7.8
None Remote Low Not required None None Complete
The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.
39 CVE-2015-1289 DoS 2015-07-22 2016-07-08
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google Chrome before 44.0.2403.89 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
40 CVE-2015-1284 20 DoS 2015-07-22 2015-11-24
7.5
None Remote Low Not required Partial Partial Partial
The LocalFrame::isURLAllowed function in core/frame/LocalFrame.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly check for a page's maximum number of frames, which allows remote attackers to cause a denial of service (invalid count value and use-after-free) or possibly have unspecified other impact via crafted JavaScript code that makes many createElement calls for IFRAME elements.
41 CVE-2015-1280 119 DoS Overflow Mem. Corr. 2015-07-22 2016-07-08
7.5
None Remote Low Not required Partial Partial Partial
SkPictureShader.cpp in Skia, as used in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging access to a renderer process and providing crafted serialized data.
42 CVE-2015-1279 189 DoS Overflow 2015-07-22 2016-07-08
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in the CJBig2_Image::expand function in fxcodec/jbig2/JBig2_Image.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via large height and stride values.
43 CVE-2015-1277 DoS 2015-07-22 2016-07-08
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the accessibility implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging lack of certain validity checks for accessibility-tree data structures.
44 CVE-2015-1276 DoS 2015-07-22 2016-07-08
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in content/browser/indexed_db/indexed_db_backing_store.cc in the IndexedDB implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an abort action before a certain write operation.
45 CVE-2015-1272 DoS 2015-07-22 2016-07-08
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the GPU process implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the continued availability of a GPUChannelHost data structure during Blink shutdown, related to content/browser/gpu/browser_gpu_channel_host_factory.cc and content/renderer/render_thread_impl.cc.
46 CVE-2015-1250 DoS 2015-05-01 2016-07-09
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.135 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
47 CVE-2015-0412 2015-01-21 2016-06-29
7.2
None Local Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS.
48 CVE-2015-0411 2015-01-21 2016-06-29
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Server : Security : Encryption.
49 CVE-2015-0283 399 DoS 2015-03-30 2015-04-09
7.8
None Remote Low Not required None None Complete
The slapi-nis plug-in before 0.54.2 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request for a (1) group with a large number of members or (2) user that belongs to a large number of groups.
50 CVE-2014-9658 119 DoS Overflow 2015-02-08 2016-06-29
7.5
None Remote Low Not required Partial Partial Partial
The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.
Total number of vulnerabilities : 261   Page : 1 (This Page)2 3 4 5 6
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.