Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-284
Total 1059 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-23615 1 Discourse 1 Discourse 2023-02-14 N/A 5.3 MEDIUM
Discourse is an open source discussion platform. The embeddable comments can be exploited to create new topics as any user but without any clear title or content. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. As a workaround, disable embeddable comments by deleting all embeddable hosts.
CVE-2018-16838 2 Fedoraproject, Redhat 2 Sssd, Enterprise Linux 2023-02-12 5.5 MEDIUM 5.4 MEDIUM
A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.
CVE-2016-2100 1 Theforeman 1 Foreman 2023-02-12 6.5 MEDIUM 5.4 MEDIUM
Foreman before 1.10.3 and 1.11.0 before 1.11.0-RC2 allow remote authenticated users to read, modify, or delete private bookmarks by leveraging the (1) edit_bookmarks or (2) destroy_bookmarks permission.
CVE-2016-6342 2 Elog Project, Fedoraproject 2 Elog, Fedora 2023-02-12 5.0 MEDIUM 7.5 HIGH
elog 3.1.1 allows remote attackers to post data as any username in the logbook.
CVE-2016-3112 1 Pulpproject 1 Pulp 2023-02-12 5.0 MEDIUM 7.5 HIGH
client/consumer/cli.py in Pulp before 2.8.3 writes consumer private keys to etc/pki/pulp/consumer/consumer-cert.pem as world-readable, which allows remote authenticated users to obtain the consumer private keys and escalate privileges by reading /etc/pki/pulp/consumer/consumer-cert, and authenticating as a consumer user.
CVE-2011-4600 2 Canonical, Redhat 2 Ubuntu Linux, Libvirt 2023-02-12 4.3 MEDIUM 5.9 MEDIUM
The networkReloadIptablesRules function in network/bridge_driver.c in libvirt before 0.9.9 does not properly handle firewall rules on bridge networks when libvirtd is restarted, which might allow remote attackers to bypass intended access restrictions via a (1) DNS or (2) DHCP query.
CVE-2015-3213 1 Clutter Project 1 Clutter 2023-02-12 7.2 HIGH N/A
The gesture handling code in Clutter before 1.16.2 allows physically proximate attackers to bypass the lock screen via certain (1) mouse or (2) touch gestures.
CVE-2015-3155 1 Theforeman 1 Foreman 2023-02-12 5.0 MEDIUM N/A
Foreman before 1.8.1 does not set the secure flag for the _session_id cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
CVE-2015-1854 2 Debian, Fedoraproject 3 Debian Linux, 389 Directory Server, Fedora 2023-02-12 5.0 MEDIUM 7.5 HIGH
389 Directory Server before 1.3.3.10 allows attackers to bypass intended access restrictions and modify directory entries via a crafted ldapmodrdn call.
CVE-2021-3864 3 Debian, Linux, Redhat 3 Debian Linux, Linux Kernel, Enterprise Linux 2023-02-12 N/A 7.0 HIGH
A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value set to 1. As a result, if the descendant process crashes and core_pattern is set to a relative value, its core dump is stored in the current directory with uid:gid permissions. An unprivileged local user with eligible root SUID binary could use this flaw to place core dumps into root-owned directories, potentially resulting in escalation of privileges.
CVE-2020-25662 1 Redhat 1 Enterprise Linux 2023-02-12 3.3 LOW 6.5 MEDIUM
A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality.
CVE-2017-7497 1 Redhat 1 Cloudforms Management Engine 2023-02-12 4.0 MEDIUM 4.3 MEDIUM
The dialog for creating cloud volumes (cinder provider) in CloudForms does not filter cloud tenants by user. An attacker with the ability to create storage volumes could use this to create storage volumes for any other tenant.
CVE-2017-15131 2 Freedesktop, Redhat 2 Xdg-user-dirs, Enterprise Linux 2023-02-12 4.6 MEDIUM 7.8 HIGH
It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask policy. This only affects xdg-user-dirs before 0.15.5 as shipped with Red Hat Enterprise Linux.
CVE-2017-12191 1 Redhat 1 Cloudforms 2023-02-12 7.5 HIGH 7.4 HIGH
A flaw was found in the CloudForms account configuration when using VMware. By default, a shared account is used that has privileged access to VMRC (VMWare Remote Console) functions that may not be appropriate for users of CloudForms (and thus this account). An attacker could use this vulnerability to view and make changes to settings in the VMRC and virtual machines controlled by it that they should not have access to.
CVE-2017-12171 2 Apache, Redhat 5 Http Server, Enterprise Linux, Enterprise Linux Desktop and 2 more 2023-02-12 6.4 MEDIUM 6.5 MEDIUM
A regression was found in the Red Hat Enterprise Linux 6.9 version of httpd 2.2.15-60, causing comments in the "Allow" and "Deny" configuration lines to be parsed incorrectly. A web administrator could unintentionally allow any client to access a restricted HTTP resource.
CVE-2016-8645 1 Linux 1 Linux Kernel 2023-02-12 4.9 MEDIUM 5.5 MEDIUM
The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c.
CVE-2016-8633 1 Linux 1 Linux Kernel 2023-02-12 6.2 MEDIUM 6.8 MEDIUM
drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.
CVE-2016-8630 1 Linux 1 Linux Kernel 2023-02-12 4.9 MEDIUM 5.5 MEDIUM
The x86_decode_insn function in arch/x86/kvm/emulate.c in the Linux kernel before 4.8.7, when KVM is enabled, allows local users to cause a denial of service (host OS crash) via a certain use of a ModR/M byte in an undefined instruction.
CVE-2016-6338 1 Redhat 1 Enterprise Virtualization 2023-02-12 4.6 MEDIUM 6.8 MEDIUM
ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager (aka RHEV-M) for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries.
CVE-2016-5404 3 Fedoraproject, Freeipa, Oracle 3 Fedora, Freeipa, Linux 2023-02-12 4.0 MEDIUM 6.5 MEDIUM
The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission.