CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Redhat » Enterprise Linux : Security Vulnerabilities (CVSS score between 5 and 5.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2018-14645 125 DoS 2018-09-21 2018-11-28
5.0
None Remote Low Not required None None Partial
A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, that is used for HTTP/2. An out-of-bounds read access in hpack_valid_idx() resulted in a remote crash and denial of service.
2 CVE-2018-14622 769 2018-08-30 2018-12-07
5.0
None Remote Low Not required None None Partial
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections.
3 CVE-2018-10927 20 DoS +Info 2018-09-04 2018-11-06
5.5
None Remote Low Single system Partial None Partial
A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. An authenticated attacker could use this flaw to leak information and execute remote denial of service by crashing gluster brick process.
4 CVE-2018-10892 417 2018-07-06 2018-09-21
5.0
None Remote Low Not required None Partial None
The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling bluetooth or turning up/down keyboard brightness.
5 CVE-2018-10869 284 2018-07-19 2018-09-17
5.0
None Remote Low Not required Partial None None
redhat-certification does not properly restrict files that can be download through the /download page. A remote attacker may download any file accessible by the user running httpd.
6 CVE-2018-10861 287 2018-07-10 2018-11-14
5.5
None Remote Low Single system None Partial Partial
A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected.
7 CVE-2018-10184 119 Exec Code Overflow 2018-05-09 2018-06-18
5.0
None Remote Low Not required None None Partial
An issue was discovered in HAProxy before 1.8.8. The incoming H2 frame length was checked against the max_frame_size setting instead of being checked against the bufsize. The max_frame_size only applies to outgoing traffic and not to incoming, so if a large enough frame size is advertised in the SETTINGS frame, a wrapped frame will be defragmented into a temporary allocated buffer where the second fragment may overflow the heap by up to 16 kB. It is very unlikely that this can be exploited for code execution given that buffers are very short lived and their addresses not realistically predictable in production, but the likelihood of an immediate crash is absolutely certain.
8 CVE-2018-5184 326 2018-06-11 2018-11-25
5.0
None Remote Low Not required Partial None None
Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
9 CVE-2018-5168 275 Bypass 2018-06-11 2018-11-25
5.0
None Remote Low Not required None Partial None
Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
10 CVE-2018-5117 254 2018-06-11 2018-08-03
5.0
None Remote Low Not required None Partial None
If right-to-left text is used in the addressbar with left-to-right alignment, it is possible in some circumstances to scroll this text to spoof the displayed URL. This issue could result in the wrong URL being displayed as a location, which can mislead users to believe they are on a different site than the one loaded. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
11 CVE-2018-3760 200 +Info 2018-06-26 2018-09-27
5.0
None Remote Low Not required Partial None None
There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower. Specially crafted requests can be used to access files that exists on the filesystem that is outside an application's root directory, when the Sprockets server is used in production. All users running an affected release should either upgrade or use one of the work arounds immediately.
12 CVE-2018-1128 287 2018-07-10 2018-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.
13 CVE-2018-1086 200 Bypass +Info 2018-04-12 2018-06-19
5.0
None Remote Low Not required Partial None None
pcs before versions 0.9.164 and 0.10 is vulnerable to a debug parameter removal bypass. REST interface of the pcsd service did not properly remove the pcs debug argument from the /run_pcs query, possibly disclosing sensitive information. A remote attacker with a valid token could use this flaw to elevate their privilege.
14 CVE-2017-15134 119 DoS Overflow 2018-03-01 2018-07-16
5.0
None Remote Low Not required None None Partial
A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.
15 CVE-2017-12151 310 2018-07-27 2018-10-02
5.8
None Remote Medium Not required Partial Partial None
A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack.
16 CVE-2017-9953 416 DoS 2017-06-26 2017-06-30
5.0
None Remote Low Not required None None Partial
There is an invalid free in Image::printIFDStructure that leads to a Segmentation fault in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.
17 CVE-2017-7848 74 2018-06-11 2018-08-09
5.0
None Remote Low Not required None Partial None
RSS fields can inject new lines into the created email structure, modifying the message body. This vulnerability affects Thunderbird < 52.5.2.
18 CVE-2017-7807 254 2018-06-11 2018-08-03
5.8
None Remote Medium Not required Partial Partial None
A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
19 CVE-2017-7791 20 2018-06-11 2018-08-03
5.0
None Remote Low Not required None Partial None
On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
20 CVE-2017-7787 200 Bypass +Info 2018-06-11 2018-08-03
5.0
None Remote Low Not required Partial None None
Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
21 CVE-2017-7754 125 2018-06-11 2018-08-03
5.0
None Remote Low Not required Partial None None
An out-of-bounds read in WebGL with a maliciously crafted "ImageInfo" object during WebGL operations. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
22 CVE-2017-5455 264 Exec Code 2018-06-11 2018-08-09
5.0
None Remote Low Not required None Partial None
The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and escalation of privilege if combined with another vulnerability that resulted in remote code execution inside the sandboxed process. This vulnerability affects Firefox ESR < 52.1 and Firefox < 53.
23 CVE-2017-5454 200 Bypass +Info 2018-06-11 2018-08-09
5.0
None Remote Low Not required Partial None None
A mechanism to bypass file system access protections in the sandbox to use the file picker to access different files than those selected in the file picker through the use of relative paths. This allows for read only access to the local file system. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
24 CVE-2017-5449 20 2018-06-11 2018-08-09
5.0
None Remote Low Not required None None Partial
A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
25 CVE-2017-5445 129 2018-06-11 2018-08-07
5.0
None Remote Low Not required Partial None None
A vulnerability while parsing "application/http-index-format" format content where uninitialized values are used to create an array. This could allow the reading of uninitialized memory into the arrays affected. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
26 CVE-2017-5444 119 Overflow 2018-06-11 2018-08-07
5.0
None Remote Low Not required Partial None None
A buffer overflow vulnerability while parsing "application/http-index-format" format content when the header contains improperly formatted data. This allows for an out-of-bounds read of data from memory. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
27 CVE-2017-5408 200 +Info 2018-06-11 2018-08-07
5.0
None Remote Low Not required Partial None None
Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading to potential information disclosure for video captions. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
28 CVE-2017-5405 254 2018-06-11 2018-08-07
5.0
None Remote Low Not required Partial None None
Certain response codes in FTP connections can result in the use of uninitialized values for ports in FTP operations. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
29 CVE-2017-5383 20 2018-06-11 2018-08-02
5.0
None Remote Low Not required None Partial None
URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display, allowing for domain name spoofing attacks in the location bar. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
30 CVE-2017-5378 200 +Info 2018-06-11 2018-08-02
5.0
None Remote Low Not required Partial None None
Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object's address can be discovered through hash codes, and also allows for data leakage of an object's content using these hash codes. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
31 CVE-2017-2591 125 2018-04-30 2018-06-12
5.0
None Remote Low Not required None None Partial
389-ds-base before version 1.3.6 is vulnerable to an improperly NULL terminated array in the uniqueness_entry_to_config() function in the "attribute uniqueness" plugin of 389 Directory Server. An authenticated, or possibly unauthenticated, attacker could use this flaw to force an out-of-bound heap memory read, possibly triggering a crash of the LDAP service.
32 CVE-2017-2590 275 DoS 2018-07-27 2018-09-24
5.5
None Remote Low Single system None Partial Partial
A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys.
33 CVE-2016-9900 254 Bypass 2018-06-11 2018-08-03
5.0
None Remote Low Not required Partial None None
External resources that should be blocked when loaded by SVG images can bypass security restrictions through the use of "data:" URLs. This could allow for cross-domain data leakage. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
34 CVE-2016-9079 416 2018-06-11 2018-08-09
5.0
None Remote Low Not required Partial None None
A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1.
35 CVE-2016-5244 200 +Info 2016-06-27 2018-10-30
5.0
None Remote Low Not required Partial None None
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.
36 CVE-2016-2183 200 +Info 2016-08-31 2018-10-23
5.0
None Remote Low Not required Partial None None
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack.
37 CVE-2015-5229 17 DoS 2016-04-08 2016-11-28
5.0
None Remote Low Not required None None Partial
The calloc function in the glibc package in Red Hat Enterprise Linux (RHEL) 6.7 and 7.2 does not properly initialize memory areas, which might allow context-dependent attackers to cause a denial of service (hang or crash) via unspecified vectors.
38 CVE-2015-4644 DoS 2016-05-16 2017-11-03
5.0
None Remote Low Not required None None Partial
The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table names, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1352.
39 CVE-2015-4605 20 DoS Exec Code 2016-05-16 2017-09-21
5.0
None Remote Low Not required None None Partial
The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule.
40 CVE-2015-4604 20 DoS Exec Code 2016-05-16 2017-09-21
5.0
None Remote Low Not required None None Partial
The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule.
41 CVE-2015-4024 399 DoS 2015-06-09 2018-01-04
5.0
None Remote Low Not required None None Partial
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.
42 CVE-2015-4021 189 DoS Mem. Corr. 2015-06-09 2018-01-04
5.0
None Remote Low Not required None None Partial
The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0 character, which allows remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive.
43 CVE-2015-3900 254 2015-06-24 2017-12-08
5.0
None Remote Low Not required None Partial None
RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a "DNS hijack attack."
44 CVE-2015-3412 254 Bypass 2016-05-16 2018-01-04
5.0
None Remote Low Not required Partial None None
PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the stream_resolve_include_path function in ext/standard/streamsfuncs.c, as demonstrated by a filename\0.extension attack that bypasses an intended configuration in which client users may read files with only one specific extension.
45 CVE-2015-2783 119 DoS Overflow +Info 2015-06-09 2018-01-04
5.8
None Remote Medium Not required Partial None Partial
ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length value in conjunction with crafted serialized data in a phar archive, related to the phar_parse_metadata and phar_parse_pharfile functions.
46 CVE-2015-1819 399 DoS 2015-08-14 2018-10-30
5.0
None Remote Low Not required None None Partial
The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.
47 CVE-2015-0410 2015-01-21 2018-10-30
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security.
48 CVE-2015-0407 2015-01-21 2017-09-07
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Swing.
49 CVE-2015-0383 2015-01-21 2018-10-30
5.4
None Local Medium Not required None Partial Complete
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot.
50 CVE-2014-8119 20 DoS 2017-12-29 2018-01-10
5.0
None Remote Low Not required None None Partial
The find_ifcfg_path function in netcf before 0.2.7 might allow attackers to cause a denial of service (application crash) via vectors involving augeas path expressions.
Total number of vulnerabilities : 106   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.