Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux Server Tus
Total 716 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-10711 5 Canonical, Debian, Linux and 2 more 11 Ubuntu Linux, Debian Linux, Linux Kernel and 8 more 2022-04-22 4.3 MEDIUM 5.9 MEDIUM
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service.
CVE-2017-7668 6 Apache, Apple, Debian and 3 more 13 Http Server, Mac Os X, Debian Linux and 10 more 2022-04-21 5.0 MEDIUM 7.5 HIGH
The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.
CVE-2021-20225 4 Fedoraproject, Gnu, Netapp and 1 more 8 Fedora, Grub2, Ontap Select Deploy Administration Utility and 5 more 2022-04-18 7.2 HIGH 6.7 MEDIUM
A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2021-20233 4 Fedoraproject, Gnu, Netapp and 1 more 8 Fedora, Grub2, Ontap Select Deploy Administration Utility and 5 more 2022-04-18 7.2 HIGH 8.2 HIGH
A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2017-12613 3 Apache, Debian, Redhat 11 Portable Runtime, Debian Linux, Enterprise Linux Desktop and 8 more 2022-04-18 3.6 LOW 7.1 HIGH
When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a different static heap value or resulting in program termination, and may represent an information disclosure or denial of service vulnerability to applications which call these APR functions with unvalidated external input.
CVE-2018-3693 7 Arm, Fujitsu, Intel and 4 more 228 Cortex-a, Cortex-r, M12-1 and 225 more 2022-04-18 4.7 MEDIUM 5.6 MEDIUM
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.
CVE-2016-5018 6 Apache, Canonical, Debian and 3 more 15 Tomcat, Ubuntu Linux, Debian Linux and 12 more 2022-04-18 6.4 MEDIUM 9.1 CRITICAL
In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications.
CVE-2016-0762 6 Apache, Canonical, Debian and 3 more 15 Tomcat, Ubuntu Linux, Debian Linux and 12 more 2022-04-18 4.3 MEDIUM 5.9 MEDIUM
The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder.
CVE-2016-6796 6 Apache, Canonical, Debian and 3 more 15 Tomcat, Ubuntu Linux, Debian Linux and 12 more 2022-04-18 5.0 MEDIUM 7.5 HIGH
A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet.
CVE-2016-6794 6 Apache, Canonical, Debian and 3 more 14 Tomcat, Ubuntu Linux, Debian Linux and 11 more 2022-04-18 5.0 MEDIUM 5.3 MEDIUM
When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70, 6.0.0 to 6.0.45 the system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible.
CVE-2016-6797 6 Apache, Canonical, Debian and 3 more 14 Tomcat, Ubuntu Linux, Debian Linux and 11 more 2022-04-18 5.0 MEDIUM 7.5 HIGH
The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.
CVE-2017-16541 5 Apple, Debian, Linux and 2 more 10 Macos, Debian Linux, Linux Kernel and 7 more 2022-04-18 4.3 MEDIUM 6.5 MEDIUM
Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected.
CVE-2018-12020 4 Canonical, Debian, Gnupg and 1 more 9 Ubuntu Linux, Debian Linux, Gnupg and 6 more 2022-04-18 5.0 MEDIUM 7.5 HIGH
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes.
CVE-2018-7750 3 Debian, Paramiko, Redhat 11 Debian Linux, Paramiko, Ansible Engine and 8 more 2022-04-18 7.5 HIGH 9.8 CRITICAL
transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.
CVE-2019-12817 6 Canonical, Debian, Fedoraproject and 3 more 9 Ubuntu Linux, Debian Linux, Fedora and 6 more 2022-04-18 6.9 MEDIUM 7.0 HIGH
arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected.
CVE-2019-14287 7 Canonical, Debian, Fedoraproject and 4 more 15 Ubuntu Linux, Debian Linux, Fedora and 12 more 2022-04-18 9.0 HIGH 8.8 HIGH
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.
CVE-2013-5704 5 Apache, Apple, Canonical and 2 more 16 Http Server, Mac Os X, Mac Os X Server and 13 more 2022-04-14 5.0 MEDIUM N/A
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."
CVE-2019-19906 8 Apache, Apple, Canonical and 5 more 20 Bookkeeper, Ipados, Iphone Os and 17 more 2022-04-12 5.0 MEDIUM 7.5 HIGH
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.
CVE-2019-1010238 6 Canonical, Debian, Fedoraproject and 3 more 13 Ubuntu Linux, Debian Linux, Fedora and 10 more 2022-04-12 7.5 HIGH 9.8 CRITICAL
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.
CVE-2019-0757 4 Apple, Microsoft, Mono-project and 1 more 10 Macos, .net Core, .net Core Sdk and 7 more 2022-04-11 4.0 MEDIUM 6.5 MEDIUM
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'.