Redhat
redhat
5,653 CVEs • 536 products
CVEs (5,653)
| VENDORS | PRODUCTS | UPDATED | PUBLISHED | CVSS | CVE (description) |
|---|---|---|---|---|---|
| Apple, Redhat | Enterprise Linux, Mac Os X, Mac Os X Server | Apr 23, 2026 | Jun 2, 2008 | v4: N/A; v3: N/A; v2: 4.3 MEDIUM | The International Components for Unicode (ICU) library in Apple Mac OS X before 10.5.3, Red Hat Enterprise Linux 5, and other operating systems omits some invalid character sequences during conversion of some character e... |
| Redhat | Desktop, Enterprise Linux, Enterprise Linux Desktop, +2 more | Apr 23, 2026 | May 23, 2008 | v4: N/A; v3: N/A; v2: 7.5 HIGH | Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformati... |
| | | | | | Cross-site scripting (XSS) vulnerability in the Red Hat Network channel search feature, as used in RHN and Red Hat Network Satellite before 5.0.2, allows remote attackers to inject arbitrary web script or HTML via unknow... |
| Foresight Linux, Redhat, Rpath | Appliance Platform Agent, Appliances, Enterprise Linux, +1 more | Apr 23, 2026 | May 22, 2008 | v4: N/A; v3: N/A; v2: 7.1 HIGH | Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of servi... |
| Redhat | Directory Server, Fedora Directory Server | Apr 23, 2026 | May 12, 2008 | v4: N/A; v3: N/A; v2: 7.5 HIGH | Buffer overflow in the regular expression handler in Red Hat Directory Server 8.0 and 7.1 before SP6 allows remote attackers to cause a denial of service (slapd crash) and possibly execute arbitrary code via a crafted LD... |
| Redhat | Enterprise Linux, Enterprise Linux Desktop | Apr 23, 2026 | May 8, 2008 | v4: N/A; v3: N/A; v2: 4.9 MEDIUM | Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls. |
| Redhat | Enterprise Linux, Enterprise Linux Desktop | Apr 23, 2026 | May 8, 2008 | v4: N/A; v3: N/A; v2: 7.1 HIGH | The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV. |
| Redhat | Enterprise Linux, Enterprise Linux Desktop | Apr 23, 2026 | May 8, 2008 | v4: N/A; v3: N/A; v2: 4.9 MEDIUM | Linux kernel before 2.4.21 allows local users to cause a denial of service (kernel panic) via asynchronous input or output on a FIFO special file. |
| | | | | | Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, does not properly restrict access to CGI scripts, which allows remote attackers to perform administrative actions. |
| Redhat | Directory Server, Fedora Directory Server | Apr 23, 2026 | Apr 16, 2008 | v4: N/A; v3: N/A; v2: 9.0 HIGH | The replication monitor CGI script (repl-monitor-cgi.pl) in Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, allows remote attackers to execute arbitrary commands. |
| | | | | | The Replace function in the capp-lspp-config script in the (1) lspp-eal4-config-ibm and (2) capp-lspp-eal4-config-hp packages before 0.65-2 in Red Hat Enterprise Linux (RHEL) 5 uses lstat instead of stat to determine the... |
| | | | | | Red Hat Directory Server 8.0, when running on Red Hat Enterprise Linux, uses insecure permissions for the redhat-idm-console script, which allows local users to execute arbitrary code by modifying the script. |
| | | | | | Red Hat Directory Server 7.1 before SP4 uses insecure permissions for certain directories, which allows local users to modify JAR files and execute arbitrary code via unknown vectors. |
| | | | | | The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 configures racoon to use aggressive IKE mode instead of main IKE mode, which makes it easier for remote attackers to conduct brute force attacks by sn... |
| Fedoraproject, Freedesktop, Mandrakesoft, +1 more | Dbus, Enterprise Linux, Fedora, +1 more | Apr 23, 2026 | Feb 29, 2008 | v4: N/A; v3: N/A; v2: 4.6 MEDIUM | dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intend... |
| Redhat | Enterprise Linux, Enterprise Linux Desktop | Apr 23, 2026 | Feb 5, 2008 | v4: N/A; v3: N/A; v2: 7.2 HIGH | The Linux kernel 2.6.9 before 2.6.9-67 in Red Hat Enterprise Linux (RHEL) 4 on Itanium (ia64) does not properly handle page faults during NUMA memory access, which allows local users to cause a denial of service (panic)... |
| Apache, Redhat | Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation, +1 more | Apr 23, 2026 | Jan 25, 2008 | v4: N/A; v3: N/A; v2: 2.6 LOW | CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote... |
| Apache, Redhat | Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation, +2 more | Apr 23, 2026 | Jan 25, 2008 | v4: N/A; v3: N/A; v2: 4.3 MEDIUM | Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series a... |
| Debian, Mandrakesoft, Redhat | Debian Linux, Fedora, Mandrake Linux, +1 more | Apr 23, 2026 | Jan 12, 2008 | v4: N/A; v3: N/A; v2: 5.0 MEDIUM | The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences. |
| | | | | | The default configuration for autofs 5 (autofs5) in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 4 and 5, does not specify the nodev mount option for the -hosts map, which allows local users to acces... |