Redhat

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2014-0023 1Redhat 1Openshift Nov 21, 2024 Nov 15, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code execution
CVE-2018-12207 8Canonical DebianF5+5 more 778Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+775 more Nov 21, 2024 Nov 14, 2019 N/A· v4 6.5 MEDIUM· v3 4.9 MEDIUM· v2 Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local acces...Show more Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.Show less
CVE-2019-11135 9Canonical DebianFedoraproject+6 more 160Apollo 2000 Firmware Apollo 4200 FirmwareCeleron 5305u Firmware+157 more May 28, 2026 Nov 14, 2019 N/A· v4 6.5 MEDIUM· v3 2.1 LOW· v2 TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
CVE-2019-0155 3Canonical IntelRedhat 357Atom X5 E3930 Firmware Atom X5 E3940 FirmwareAtom X7 E3950 Firmware+354 more Nov 21, 2024 Nov 14, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) C...Show more Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access.Show less
CVE-2019-14818 3Dpdk FedoraprojectRedhat 5Data Plane Development Kit Enterprise Linux Fast DatapathFedora+2 more Nov 21, 2024 Nov 14, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send spec...Show more A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors. This flaw could lead to a denial of service condition.Show less
CVE-2012-1168 3Fedoraproject MoodleRedhat 3Enterprise Linux FedoraMoodle Nov 21, 2024 Nov 14, 2019 N/A· v4 8.2 HIGH· v3 6.4 MEDIUM· v2 Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified.
CVE-2012-1156 3Fedoraproject MoodleRedhat 3Enterprise Linux FedoraMoodle Nov 21, 2024 Nov 14, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Moodle before 2.2.2 has users' private files included in course backups
CVE-2012-1155 4Debian FedoraprojectMoodle+1 more 4Debian Linux Enterprise LinuxFedora+1 more Nov 21, 2024 Nov 14, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to
CVE-2011-1145 4Debian OpensuseRedhat+1 more 4Debian Linux Enterprise LinuxOpensuse+1 more Nov 21, 2024 Nov 14, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.
CVE-2010-4664 3Consolekit Project DebianRedhat 3Consolekit Debian LinuxEnterprise Linux Nov 21, 2024 Nov 13, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session.
CVE-2010-4661 5Debian FedoraprojectOpensuse+2 more 5Debian Linux Enterprise LinuxFedora+2 more Nov 21, 2024 Nov 13, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.
CVE-2010-4657 3Debian PhpRedhat 3Debian Linux Enterprise LinuxPhp Nov 21, 2024 Nov 13, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output.
CVE-2014-8167 1Redhat 3Enterprise Virtualization VdsclientVirtual Desktop Server Manager Nov 21, 2024 Nov 13, 2019 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack
CVE-2014-3655 1Redhat 2Jboss Enterprise Web Server Keycloak Nov 21, 2024 Nov 13, 2019 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 JBoss KeyCloak is vulnerable to soft token deletion via CSRF
CVE-2014-3592 1Redhat 1Openshift Origin Nov 21, 2024 Nov 13, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 OpenShift Origin: Improperly validated team names could allow stored XSS attacks
CVE-2010-3857 1Redhat 1Jboss Business Rules Management System Nov 21, 2024 Nov 12, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 JBoss BRMS before 5.1.0 has a XSS vulnerability via asset=UUID parameter.
CVE-2014-3599 1Redhat 1Hornetq Nov 21, 2024 Nov 12, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 HornetQ REST is vulnerable to XML External Entity due to insecure configuration of RestEasy
CVE-2011-2897 3Debian GnomeRedhat 3Debian Linux Enterprise LinuxGdk Pixbuf Nov 21, 2024 Nov 12, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw
CVE-2009-3552 1Redhat 1Enterprise Virtualization Manager Nov 21, 2024 Nov 9, 2019 N/A· v4 3.1 LOW· v3 2.9 LOW· v2 In RHEV-M VDC 2.2.0, it was found that the SSL certificate was not verified when using the client-side Red Hat Enterprise Virtualization Manager interface (a Windows Presentation Foundation (WPF) XAML browser application...Show more In RHEV-M VDC 2.2.0, it was found that the SSL certificate was not verified when using the client-side Red Hat Enterprise Virtualization Manager interface (a Windows Presentation Foundation (WPF) XAML browser application) to connect to the Red Hat Enterprise Virtualization Manager. An attacker on the local network could use this flaw to conduct a man-in-the-middle attack, tricking the user into thinking they are viewing the Red Hat Enterprise Virtualization Manager when the content is actually attacker-controlled, or modifying actions a user requested Red Hat Enterprise Virtualization Manager to perform.Show less
CVE-2019-3866 1Redhat 1Openstack Mistral Nov 21, 2024 Nov 8, 2019 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 An information-exposure vulnerability was discovered where openstack-mistral's undercloud log files containing clear-text information were made world readable. A malicious system user could exploit this flaw to access se...Show more An information-exposure vulnerability was discovered where openstack-mistral's undercloud log files containing clear-text information were made world readable. A malicious system user could exploit this flaw to access sensitive user information.Show less

Previous 1...878889...284 Next