Filtered by vendor Redhat
Subscribe
Total
5151 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-1156 | 3 Fedoraproject, Moodle, Redhat | 3 Fedora, Moodle, Enterprise Linux | 2019-11-22 | 5.0 MEDIUM | 7.5 HIGH |
| Moodle before 2.2.2 has users' private files included in course backups | |||||
| CVE-2012-1168 | 3 Fedoraproject, Moodle, Redhat | 3 Fedora, Moodle, Enterprise Linux | 2019-11-22 | 6.4 MEDIUM | 8.2 HIGH |
| Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified. | |||||
| CVE-2011-4967 | 2 Openpegasus, Redhat | 2 Tog-pegasus, Enterprise Linux | 2019-11-22 | 5.0 MEDIUM | 7.5 HIGH |
| tog-Pegasus has a package hash collision DoS vulnerability | |||||
| CVE-2012-6135 | 2 Phusion, Redhat | 2 Passenger, Openshift | 2019-11-21 | 6.4 MEDIUM | 7.5 HIGH |
| RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process. | |||||
| CVE-2013-1816 | 4 Debian, Fedoraproject, Mediawiki and 1 more | 4 Debian Linux, Fedora, Mediawiki and 1 more | 2019-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request. | |||||
| CVE-2013-1817 | 4 Debian, Fedoraproject, Mediawiki and 1 more | 4 Debian Linux, Fedora, Mediawiki and 1 more | 2019-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information. | |||||
| CVE-2014-0023 | 1 Redhat | 1 Openshift | 2019-11-20 | 4.6 MEDIUM | 7.8 HIGH |
| OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code execution | |||||
| CVE-2010-4657 | 3 Debian, Php, Redhat | 3 Debian Linux, Php, Enterprise Linux | 2019-11-20 | 5.0 MEDIUM | 7.5 HIGH |
| PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output. | |||||
| CVE-2011-1145 | 4 Debian, Opensuse, Redhat and 1 more | 4 Debian Linux, Opensuse, Enterprise Linux and 1 more | 2019-11-19 | 4.6 MEDIUM | 7.8 HIGH |
| The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string. | |||||
| CVE-2010-4661 | 5 Debian, Fedoraproject, Opensuse and 2 more | 5 Debian Linux, Fedora, Opensuse and 2 more | 2019-11-18 | 4.6 MEDIUM | 7.8 HIGH |
| udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules. | |||||
| CVE-2010-4664 | 3 Consolekit Project, Debian, Redhat | 3 Consolekit, Debian Linux, Enterprise Linux | 2019-11-18 | 6.5 MEDIUM | 8.8 HIGH |
| In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session. | |||||
| CVE-2014-8167 | 1 Redhat | 3 Enterprise Virtualization, Vdsclient, Virtual Desktop Server Manager | 2019-11-15 | 4.3 MEDIUM | 5.9 MEDIUM |
| vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack | |||||
| CVE-2010-3857 | 1 Redhat | 1 Jboss Business Rules Management System | 2019-11-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| JBoss BRMS before 5.1.0 has a XSS vulnerability via asset=UUID parameter. | |||||
| CVE-2014-3592 | 1 Redhat | 1 Openshift Origin | 2019-11-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| OpenShift Origin: Improperly validated team names could allow stored XSS attacks | |||||
| CVE-2014-3655 | 1 Redhat | 2 Jboss Enterprise Web Server, Keycloak | 2019-11-14 | 4.3 MEDIUM | 4.3 MEDIUM |
| JBoss KeyCloak is vulnerable to soft token deletion via CSRF | |||||
| CVE-2013-1820 | 2 Fedoraproject, Redhat | 2 Fedora, Tuned | 2019-11-14 | 4.7 MEDIUM | 5.5 MEDIUM |
| tuned before 2.x allows local users to kill running processes due to insecure permissions with tuned's ktune service. | |||||
| CVE-2011-2897 | 3 Debian, Gnome, Redhat | 3 Debian Linux, Gdk-pixbuf, Enterprise Linux | 2019-11-14 | 7.5 HIGH | 9.8 CRITICAL |
| gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw | |||||
| CVE-2008-5083 | 1 Redhat | 1 Jboss Operations Network | 2019-11-14 | 4.0 MEDIUM | 6.5 MEDIUM |
| In JON 2.1.x before 2.1.2 SP1, users can obtain unauthorized security information about private resources managed by JBoss ON. | |||||
| CVE-2014-3599 | 1 Redhat | 1 Hornetq | 2019-11-14 | 4.3 MEDIUM | 6.5 MEDIUM |
| HornetQ REST is vulnerable to XML External Entity due to insecure configuration of RestEasy | |||||
| CVE-2008-3278 | 1 Redhat | 2 Enterprise Linux, Frysk | 2019-11-13 | 4.6 MEDIUM | 7.8 HIGH |
| frysk packages through 2008-08-05 as shipped in Red Hat Enterprise Linux 5 are built with an insecure RPATH set in the ELF header of multiple binaries in /usr/bin/f* (e.g. fcore, fcatch, fstack, fstep, ...) shipped in the package. A local attacker can exploit this vulnerability by running arbitrary code as another user. | |||||