Redhat

redhat

5,681 CVEs • 537 products

Products (537)

Linux
linux
Satellite
satellite
Openstack
openstack
Openshift
openshift
Keycloak
keycloak
Fedora Core
fedora_core
Libvirt
libvirt
Ansible Tower
ansible_tower
Cloudforms
cloudforms
Ansible
ansible
Ceph Storage
ceph_storage
Linux Desktop
linux_desktop
Linux Server
linux_server
Jboss Fuse
jboss_fuse
Undertow
undertow
Storage
storage
Quay
quay
Fuse
fuse
Data Grid
data_grid
Resteasy
resteasy
Wildfly
wildfly
Jboss A Mq
jboss_a-mq
Ceph
ceph

CVEs (5,681)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
Vendors (4): Debian, Opensuse, Qemu +1 more
Products (5): Debian Linux, Leap, Openstack +2 more
Updated: May 6, 2026
Published: Nov 4, 2016
CVSS: N/A (v4), 6.0 MEDIUM (v3), 2.1 LOW (v2)
The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base.

Vendors (4): Debian, Opensuse, Qemu +1 more
Products (5): Debian Linux, Leap, Openstack +2 more
Updated: May 6, 2026
Published: Nov 4, 2016
CVSS: N/A (v4), 6.0 MEDIUM (v3), 2.1 LOW (v2)
The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request Blocks (TRB) to process.

Vendors (4): Debian, Isc, Netapp +1 more
Products (11): Bind, Data Ontap Edge, Debian Linux +8 more
Updated: May 6, 2026
Published: Nov 2, 2016
CVSS: N/A (v4), 7.5 HIGH (v3), 5.0 MEDIUM (v2)
named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c.

Vendors (2): Adobe, Redhat
Products (4): Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation +1 more
Updated: Apr 21, 2026
Published: Nov 1, 2016
CVSS: N/A (v4), 8.8 HIGH (v3), 9.3 HIGH (v2)
Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before 11.2.202.643 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in October 2016.

Vendors (3): Mariadb, Oracle, Redhat
Products (8): Enterprise Linux Desktop, Enterprise Linux Eus, Enterprise Linux Server +5 more
Updated: May 6, 2026
Published: Oct 25, 2016
CVSS: N/A (v4), 4.9 MEDIUM (v3), 4.0 MEDIUM (v2)
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.

Vendors (3): Mariadb, Oracle, Redhat
Products (6): Enterprise Linux Eus, Enterprise Linux Server, Enterprise Linux Server Aus +3 more
Updated: May 6, 2026
Published: Oct 25, 2016
CVSS: N/A (v4), 6.5 MEDIUM (v3), 4.0 MEDIUM (v2)
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.

Vendors (3): Mariadb, Oracle, Redhat
Products (8): Enterprise Linux Desktop, Enterprise Linux Eus, Enterprise Linux Server +5 more
Updated: May 6, 2026
Published: Oct 25, 2016
CVSS: N/A (v4), 6.5 MEDIUM (v3), 4.0 MEDIUM (v2)
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML.

Vendors (3): Mariadb, Oracle, Redhat
Products (8): Enterprise Linux Desktop, Enterprise Linux Eus, Enterprise Linux Server +5 more
Updated: May 6, 2026
Published: Oct 25, 2016
CVSS: N/A (v4), 6.5 MEDIUM (v3), 4.0 MEDIUM (v2)
Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML.

Vendors (3): Mariadb, Oracle, Redhat
Products (8): Enterprise Linux Desktop, Enterprise Linux Eus, Enterprise Linux Server +5 more
Updated: May 6, 2026
Published: Oct 25, 2016
CVSS: N/A (v4), 6.5 MEDIUM (v3), 6.8 MEDIUM (v2)
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.

Vendors (2): Gnome, Redhat
Products (2): Enterprise Linux, Shotwell
Updated: May 6, 2026
Published: Oct 25, 2016
CVSS: N/A (v4), 3.7 LOW (v3), 4.3 MEDIUM (v2)
Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks.

Vendors (2): Adobe, Redhat
Products (5): Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation +2 more
Updated: May 6, 2026
Published: Oct 13, 2016
CVSS: N/A (v4), 8.8 HIGH (v3), 9.3 HIGH (v2)
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to bypass intended access restrictions via unspecified vectors.

Vendors (3): Novell, Redhat, Systemd Project
Products (9): Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Server +6 more
Updated: May 6, 2026
Published: Oct 13, 2016
CVSS: N/A (v4), 5.5 MEDIUM (v3), 4.9 MEDIUM (v2)
The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled.

Vendors (1): Redhat
Products (1): Jboss Enterprise Application Platform
Updated: May 6, 2026
Published: Oct 13, 2016
CVSS: N/A (v4), 8.8 HIGH (v3), 6.5 MEDIUM (v2)
The JMX servlet in Red Hat JBoss Enterprise Application Platform (EAP) 4 and 5 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object.

Vendors (1): Redhat
Products (1): Pagure
Updated: May 6, 2026
Published: Oct 7, 2016
CVSS: N/A (v4), 6.1 MEDIUM (v3), 4.3 MEDIUM (v2)
Pagure 2.2.1 XSS in raw file endpoint

Vendors (1): Redhat
Products (1): Cloudforms Management Engine
Updated: May 6, 2026
Published: Oct 7, 2016
CVSS: N/A (v4), 8.8 HIGH (v3), 9.0 HIGH (v2)
Red Hat CloudForms Management Engine 4.1 does not properly handle regular expressions passed to the expression engine via the JSON API and the web-based UI, which allows remote authenticated users to execute arbitrary shell commands by leveraging the ability to view and filter collections.

Vendors (2): Linux, Redhat
Products (3): Enterprise Mrg, Linux, Linux Kernel
Updated: May 6, 2026
Published: Oct 7, 2016
CVSS: N/A (v4), 7.4 HIGH (v3), 6.9 MEDIUM (v2)
The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd.

Vendors (1): Redhat
Products (1): Jboss Enterprise Application Platform
Updated: May 6, 2026
Published: Oct 3, 2016
CVSS: N/A (v4), 5.9 MEDIUM (v3), 7.1 HIGH (v2)
Red Hat JBoss Enterprise Application Platform (EAP) 7, when operating as a reverse-proxy with default buffer sizes, allows remote attackers to cause a denial of service (CPU and disk consumption) via a long URL.

Vendors (2): Ceph Project, Redhat
Products (2): Ceph, Ceph Storage
Updated: May 6, 2026
Published: Oct 3, 2016
CVSS: N/A (v4), 7.5 HIGH (v3), 4.3 MEDIUM (v2)
The RGW code in Ceph before 10.0.1, when authenticated-read ACL is applied to a bucket, allows remote attackers to list the bucket contents via a URL.

Vendors (1): Redhat
Products (1): Enterprise Virtualization
Updated: May 6, 2026
Published: Oct 3, 2016
CVSS: N/A (v4), 3.3 LOW (v3), 2.1 LOW (v2)
The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files.

Vendors (1): Redhat
Products (1): Jboss Bpm Suite
Updated: May 6, 2026
Published: Oct 3, 2016
CVSS: N/A (v4), 5.4 MEDIUM (v3), 3.5 LOW (v2)
Cross-site scripting (XSS) vulnerability in Business Process Editor in Red Hat JBoss BPM Suite before 6.3.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging permission to create business processes.