CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Redhat : Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
451 CVE-2015-5274 77 Exec Code 2015-09-18 2015-09-22
6.5
None Remote Low ??? Partial Partial Partial
rubygem-openshift-origin-console in Red Hat OpenShift 2.2 allows remote authenticated users to execute arbitrary commands via a crafted request to the Broker.
452 CVE-2015-5242 94 Exec Code 2015-11-25 2015-11-27
6.0
None Remote Medium ??? Partial Partial Partial
OpenStack Swift-on-File (aka Swiftonfile) does not properly restrict use of the pickle Python module when loading metadata, which allows remote authenticated users to execute arbitrary code via a crafted extended attribute (xattrs).
453 CVE-2015-5234 20 Bypass 2015-10-09 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks.
454 CVE-2015-5233 264 2016-04-11 2016-04-20
6.0
None Remote Medium ??? Partial Partial Partial
Foreman before 1.8.4 and 1.9.x before 1.9.1 do not properly apply view_hosts permissions, which allows (1) remote authenticated users with the view_reports permission to read reports from arbitrary hosts or (2) remote authenticated users with the destroy_reports permission to delete reports from arbitrary hosts via direct access to the (a) individual report show/delete pages or (b) APIs.
455 CVE-2015-5188 352 CSRF 2015-10-27 2015-10-28
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the Web Console (web-console) in Red Hat Enterprise Application Platform before 6.4.4 and WildFly (formerly JBoss Application Server) before 2.0.0.CR9 allows remote attackers to hijack the authentication of administrators for requests that make arbitrary changes to an instance via vectors involving a file upload using a multipart/form-data submission.
456 CVE-2015-5182 352 CSRF 2017-09-25 2021-07-26
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.
457 CVE-2015-5041 200 +Info 2016-06-06 2019-06-19
6.4
None Remote Low Not required Partial Partial None
The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods.
458 CVE-2015-3411 20 Bypass 2016-05-16 2019-04-22
6.4
None Remote Low Not required Partial Partial None
PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) the finfo_file function, or (4) the hash_hmac_file function, as demonstrated by a filename\0.xml attack that bypasses an intended configuration in which client users may read only .xml files.
459 CVE-2015-3330 20 DoS Exec Code 2015-06-09 2019-12-27
6.8
None Remote Medium Not required Partial Partial Partial
The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP requests that result in a "deconfigured interpreter."
460 CVE-2015-3247 119 DoS Exec Code Overflow Mem. Corr. 2015-09-08 2019-04-22
6.9
None Local Medium Not required Complete Complete Complete
Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors.
461 CVE-2015-1848 310 2015-05-14 2016-12-31
6.8
None Remote Medium Not required Partial Partial Partial
The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. NOTE: this issue was SPLIT per ADT2 due to different vulnerability types. CVE-2015-3983 is for the issue with not setting the HTTPOnly flag.
462 CVE-2015-1806 264 Exec Code +Priv 2015-10-16 2016-06-15
6.5
None Remote Low ??? Partial Partial Partial
The combination filter Groovy script in Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users with job configuration permission to gain privileges and execute arbitrary code on the master via unspecified vectors.
463 CVE-2015-1774 119 DoS Exec Code Overflow 2015-04-28 2017-01-03
6.8
None Remote Medium Not required Partial Partial Partial
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.
464 CVE-2015-1288 17 2015-07-23 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
The Spellcheck API implementation in Google Chrome before 44.0.2403.89 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file, a related issue to CVE-2015-1263.
465 CVE-2015-1282 DoS 2015-07-23 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Multiple use-after-free vulnerabilities in fpdfsdk/src/javascript/Document.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to the (1) Document::delay and (2) Document::DoFieldDelay functions.
466 CVE-2015-1274 254 Exec Code 2015-07-23 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Google Chrome before 44.0.2403.89 does not ensure that the auto-open list omits all dangerous file types, which makes it easier for remote attackers to execute arbitrary code by providing a crafted file and leveraging a user's previous "Always open files of this type" choice, related to download_commands.cc and download_prefs.cc.
467 CVE-2015-1273 119 DoS Overflow 2015-07-23 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid JPEG2000 data in a PDF document.
468 CVE-2015-1271 119 DoS Overflow 2015-07-23 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
PDFium, as used in Google Chrome before 44.0.2403.89, does not properly handle certain out-of-memory conditions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted PDF document that triggers a large memory allocation.
469 CVE-2015-1270 19 DoS 2015-07-23 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
The ucnv_io_getConverterName function in common/ucnv_io.cpp in International Components for Unicode (ICU), as used in Google Chrome before 44.0.2403.89, mishandles converter names with initial x- substrings, which allows remote attackers to cause a denial of service (read of uninitialized memory) or possibly have unspecified other impact via a crafted file.
470 CVE-2015-1220 DoS 2015-03-09 2016-12-22
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the GIFImageReader::parseData function in platform/image-decoders/gif/GIFImageReader.cpp in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted frame size in a GIF image.
471 CVE-2015-0831 DoS Exec Code Mem. Corr. 2015-02-25 2019-04-22
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation.
472 CVE-2015-0797 DoS Exec Code 2015-05-14 2020-09-28
6.8
None Remote Medium Not required Partial Partial Partial
GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file.
473 CVE-2015-0279 94 Exec Code 2015-03-26 2019-07-23
6.8
None Remote Medium Not required Partial Partial Partial
JBoss RichFaces before 4.5.4 allows remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via the do parameter.
474 CVE-2015-0250 DoS 2015-03-24 2017-11-04
6.4
None Remote Low Not required Partial None Partial
XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
475 CVE-2015-0237 264 DoS 2015-05-01 2016-04-11
6.8
None Remote Low ??? None None Complete
Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores the permission to deny snapshot creation during live storage migration between domains, which allows remote authenticated users to cause a denial of service (prevent host start) by creating a long snapshot chain.
476 CVE-2014-9751 20 2015-10-06 2021-09-08
6.8
None Remote Medium Not required Partial Partial Partial
The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by leveraging the ability to reach the ntpd machine's network interface with a packet from the ::1 address.
477 CVE-2014-9673 119 DoS Overflow 2015-02-08 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
478 CVE-2014-9669 125 DoS Overflow Mem. Corr. 2015-02-08 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table.
479 CVE-2014-9667 119 DoS Overflow 2015-02-08 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table.
480 CVE-2014-9666 189 DoS Overflow 2015-02-08 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap.
481 CVE-2014-9664 119 DoS Overflow 2015-02-08 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c.
482 CVE-2014-9529 362 DoS Mem. Corr. 2015-01-09 2020-05-21
6.9
None Local Medium Not required Complete Complete Complete
Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key.
483 CVE-2014-8769 119 DoS Overflow +Info 2014-11-20 2018-10-09
6.4
None Remote Low Not required Partial None Partial
tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access.
484 CVE-2014-8183 284 2019-08-01 2019-10-09
6.5
None Remote Low ??? Partial Partial Partial
It was found that foreman, versions 1.x.x before 1.15.6, in Satellite 6 did not properly enforce access controls on certain resources. An attacker with access to the API and knowledge of the resource name can access resources in other organizations.
485 CVE-2014-8175 264 Bypass 2015-07-08 2015-07-09
6.0
None Remote Medium ??? Partial Partial Partial
Red Hat JBoss Fuse before 6.2.0 allows remote authenticated users to bypass intended restrictions and access the HawtIO console by leveraging an account defined in the users.properties file.
486 CVE-2014-8158 119 DoS Exec Code Overflow 2015-01-26 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image.
487 CVE-2014-8141 787 Exec Code Overflow 2020-01-31 2020-02-05
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
488 CVE-2014-8140 787 Exec Code Overflow 2020-01-31 2020-02-05
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
489 CVE-2014-8139 787 Exec Code Overflow 2020-01-31 2020-02-05
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
490 CVE-2014-8137 DoS Exec Code 2014-12-24 2018-01-05
6.8
None Remote Medium Not required Partial Partial Partial
Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file.
491 CVE-2014-8129 787 DoS 2018-03-12 2018-04-06
6.8
None Remote Medium Not required Partial Partial Partial
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.
492 CVE-2014-8115 264 Bypass 2015-02-20 2015-03-23
6.5
None Remote Low ??? Partial Partial Partial
The default authorization constrains in KIE Workbench 6.0.x allows remote authenticated users to read or write to arbitrary files, bypass intended access restrictions, and possibly have other unspecified impact via unknown vectors.
493 CVE-2014-8114 264 Exec Code 2015-02-20 2019-04-12
6.8
None Remote Medium Not required Partial Partial Partial
The UberFire Framework 0.3.x does not properly restrict paths, which allows remote attackers to (1) execute arbitrary code by uploading crafted content to FileUploadServlet or (2) read arbitrary files via vectors involving FileDownloadServlet.
494 CVE-2014-7851 264 +Priv 2017-10-16 2019-11-06
6.0
None Remote Medium ??? Partial Partial Partial
oVirt 3.2.2 through 3.5.0 does not invalidate the restapi session after logout from the webadmin, which allows remote authenticated users with knowledge of another user's session data to gain that user's privileges by replacing their session token with that of another user.
495 CVE-2014-7839 20 2014-11-25 2015-04-23
6.4
None Remote Low Not required Partial None Partial
DocumentProvider in RESTEasy 2.3.7 and 3.0.9 does not configure the (1) external-general-entities or (2) external-parameter-entities features, which allows remote attackers to conduct XML external entity (XXE) attacks via unspecified vectors.
496 CVE-2014-7814 89 Exec Code Sql 2015-01-16 2015-01-20
6.5
None Remote Low ??? Partial Partial Partial
SQL injection vulnerability in Red Hat CloudForms 3.1 Management Engine (CFME) 5.3 allows remote authenticated users to execute arbitrary SQL commands via a crafted REST API request to an SQL filter.
497 CVE-2014-6055 119 DoS Exec Code Overflow 2014-09-30 2020-10-23
6.5
None Remote Low ??? Partial Partial Partial
Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a rfbFileTransferOffer message.
498 CVE-2014-5075 310 2014-10-25 2016-11-28
6.8
None Remote Medium Not required Partial Partial Partial
The Ignite Realtime Smack XMPP API 4.x before 4.0.2, and 3.x and 2.x when a custom SSLContext is used, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
499 CVE-2014-5045 59 DoS 2014-08-01 2020-08-14
6.2
None Local High Not required Complete Complete Complete
The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly maintain a certain reference count during attempts to use the umount system call in conjunction with a symlink, which allows local users to cause a denial of service (memory consumption or use-after-free) or possibly have unspecified other impact via the umount program.
500 CVE-2014-4943 269 1 +Priv 2014-07-19 2020-08-14
6.9
None Local Medium Not required Complete Complete Complete
The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket.
Total number of vulnerabilities : 638   Page : 1 2 3 4 5 6 7 8 9 10 (This Page)11 12 13
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.