
Redhat (redhat)

5,678 CVEs • 537 products

Products (537)

Linux (linux)
Satellite (satellite)
Openstack (openstack)
Openshift (openshift)
Keycloak (keycloak)
Fedora Core (fedora_core)
Libvirt (libvirt)
Ansible Tower (ansible_tower)
Cloudforms (cloudforms)
Ansible (ansible)
Ceph Storage (ceph_storage)
Linux Desktop (linux_desktop)
Linux Server (linux_server)
Jboss Fuse (jboss_fuse)
Undertow (undertow)
Storage (storage)
Quay (quay)
Fuse (fuse)
Data Grid (data_grid)
Resteasy (resteasy)
Wildfly (wildfly)
Jboss A Mq (jboss_a-mq)
Ceph (ceph)

CVEs (5,678)

Fields per entry: Vendors (count) · Products (count) · Updated · Published · CVSS (v4 / v3 / v2) · Description

Vendors (4): Debian, Fedoraproject, Openstack, +1 more
Products (4): Debian Linux, Fedora, Horizon, +1 more
Updated: Nov 21, 2024 · Published: Dec 30, 2019
CVSS: v4 N/A · v3 5.5 MEDIUM · v2 2.1 LOW
The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package before 2012.1.1) is world readable and exposes the secret key value.

Vendors (5): Agendaless, Debian, Fedoraproject, +2 more
Products (5): Communications Cloud Native Core Network Function Cloud Native Environment, Debian Linux, Fedora, +2 more
Updated: Nov 21, 2024 · Published: Dec 26, 2019
CVSS: v4 N/A · v3 8.2 HIGH · v2 6.4 MEDIUM
In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation.

Vendors (8): Debian, Netapp, Opensuse, +5 more
Products (11): Backports Sle, Cloud Backup, Debian Linux, +8 more
Updated: Nov 21, 2024 · Published: Dec 24, 2019
CVSS: v4 N/A · v3 7.5 HIGH · v2 5.0 MEDIUM
zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.

Vendors (8): Debian, Netapp, Opensuse, +5 more
Products (11): Backports Sle, Cloud Backup, Debian Linux, +8 more
Updated: Nov 21, 2024 · Published: Dec 24, 2019
CVSS: v4 N/A · v3 7.5 HIGH · v2 5.0 MEDIUM
flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).

Vendors (1): Redhat
Products (1): Ceph Storage
Updated: Nov 21, 2024 · Published: Dec 23, 2019
CVSS: v4 N/A · v3 6.5 MEDIUM · v2 4.0 MEDIUM
A flaw was found in Red Hat Ceph Storage version 3 in the way the Ceph RADOS Gateway daemon handles S3 requests. An authenticated attacker can abuse this flaw by causing a remote denial of service by sending a specially crafted HTTP Content-Length header to the Ceph RADOS Gateway server.

Vendors (4): Debian, Opensuse, Redhat, +1 more
Products (4): Debian Linux, Enterprise Linux, Leap, +1 more
Updated: Nov 21, 2024 · Published: Dec 23, 2019
CVSS: v4 N/A · v3 5.5 MEDIUM · v2 2.1 LOW
A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.

Vendors (4): Debian, Opensuse, Redhat, +1 more
Products (4): Debian Linux, Enterprise Linux, Leap, +1 more
Updated: Nov 21, 2024 · Published: Dec 23, 2019
CVSS: v4 N/A · v3 7.1 HIGH · v2 3.6 LOW
An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands.

Vendors (4): Debian, Opensuse, Redhat, +1 more
Products (4): Debian Linux, Enterprise Linux, Leap, +1 more
Updated: Nov 21, 2024 · Published: Dec 23, 2019
CVSS: v4 N/A · v3 7.8 HIGH · v2 4.6 MEDIUM
A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.

Vendors (8): Debian, Netapp, Opensuse, +5 more
Products (11): Backports Sle, Cloud Backup, Debian Linux, +8 more
Updated: Nov 21, 2024 · Published: Dec 23, 2019
CVSS: v4 N/A · v3 7.5 HIGH · v2 5.0 MEDIUM
multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.

Vendors (5): Agendaless, Debian, Fedoraproject, +2 more
Products (5): Communications Cloud Native Core Network Function Cloud Native Environment, Debian Linux, Fedora, +2 more
Updated: Nov 21, 2024 · Published: Dec 20, 2019
CVSS: v4 N/A · v3 7.5 HIGH · v2 5.0 MEDIUM
Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with the inner-most encoding first, followed by any further transfer codings, ending with chunked. Requests sent with: "Transfer-Encoding: gzip, chunked" would incorrectly get ignored, and the request would use a Content-Length header instead to determine the body size of the HTTP message. This could allow for Waitress to treat a single request as multiple requests in the case of HTTP pipelining. This issue is fixed in Waitress 1.4.0.

Vendors (5): Agendaless, Debian, Fedoraproject, +2 more
Products (5): Communications Cloud Native Core Network Function Cloud Native Environment, Debian Linux, Fedora, +2 more
Updated: Nov 21, 2024 · Published: Dec 20, 2019
CVSS: v4 N/A · v3 7.5 HIGH · v2 5.0 MEDIUM
Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR." Unfortunately if a front-end server does not parse header fields with an LF the same way as it does those with a CRLF it can lead to the front-end and the back-end server parsing the same HTTP message in two different ways. This can lead to a potential for HTTP request smuggling/splitting whereby Waitress may see two requests while the front-end server only sees a single HTTP message. This issue is fixed in Waitress 1.4.0.

Vendors (2): Redhat, Smartbear
Products (3): Jboss Fuse, Openshift, Swagger Ui
Updated: Nov 21, 2024 · Published: Dec 20, 2019
CVSS: v4 N/A · v3 6.1 MEDIUM · v2 4.3 MEDIUM
swagger-ui has XSS in key names

Vendors (1): Redhat
Products (1): Ansible Tower
Updated: Nov 21, 2024 · Published: Dec 19, 2019
CVSS: v4 N/A · v3 5.3 MEDIUM · v2 5.0 MEDIUM
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when /websocket is requested and the password contains the '#' character. This request would cause a socket error in RabbitMQ when parsing the password and an HTTP error code 500 and partial password disclose will occur in plaintext. An attacker could easily guess some predictable passwords or brute force the password.

Vendors (1): Redhat
Products (1): Ansible Tower
Updated: Nov 21, 2024 · Published: Dec 19, 2019
CVSS: v4 N/A · v3 5.5 MEDIUM · v2 2.1 LOW
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2, where files in '/var/backup/tower' are left world-readable. These files include both the SECRET_KEY and the database backup. Any user with access to the Tower server, and knowledge of when a backup is run, could retrieve every credential stored in Tower. Access to data is the highest threat with this vulnerability.

Vendors (1): Redhat
Products (2): Ansible Tower, Enterprise Linux
Updated: Nov 21, 2024 · Published: Dec 19, 2019
CVSS: v4 N/A · v3 8.2 HIGH · v2 6.4 MEDIUM
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.3, where enabling RabbitMQ manager by setting it with '-e rabbitmq_enable_manager=true' exposes the RabbitMQ management interface publicly, as expected. If the default admin user is still active, an attacker could guess the password and gain access to the system.

Vendors (7): Apache, Apple, Canonical, +4 more
Products (19): Bookkeeper, Cyrus Sasl, Debian Linux, +16 more
Updated: Nov 21, 2024 · Published: Dec 19, 2019
CVSS: v4 N/A · v3 7.5 HIGH · v2 5.0 MEDIUM
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.

Vendors (5): Apache, Debian, Fedoraproject, +2 more
Products (10): Debian Linux, Enterprise Linux Desktop, Enterprise Linux Eus, +7 more
Updated: Nov 4, 2025 · Published: Dec 18, 2019
CVSS: v4 N/A · v3 8.1 HIGH · v2 6.8 MEDIUM
The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable.

Vendors (2): Apple, Redhat
Products (10): Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation, +7 more
Updated: Nov 21, 2024 · Published: Dec 18, 2019
CVSS: v4 N/A · v3 8.8 HIGH · v2 9.3 HIGH
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.

Vendors (2): Apple, Redhat
Products (9): Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation, +6 more
Updated: Nov 21, 2024 · Published: Dec 18, 2019
CVSS: v4 N/A · v3 8.8 HIGH · v2 9.3 HIGH
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.

Vendors (2): Apple, Redhat
Products (9): Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation, +6 more
Updated: Nov 21, 2024 · Published: Dec 18, 2019
CVSS: v4 N/A · v3 8.8 HIGH · v2 9.3 HIGH
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.