CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Redhat : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1851 CVE-2017-3106 704 Exec Code 2017-08-11 2021-12-07
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion vulnerability when parsing SWF files. Successful exploitation could lead to arbitrary code execution.
1852 CVE-2017-3100 119 Overflow Mem. Corr. 2017-07-17 2021-11-23
5.0
None Remote Low Not required Partial None None
Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 2 BitmapData class. Successful exploitation could lead to memory address disclosure.
1853 CVE-2017-3099 119 Exec Code Overflow Mem. Corr. 2017-07-17 2021-11-23
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 3 raster data model. Successful exploitation could lead to arbitrary code execution.
1854 CVE-2017-3085 200 Bypass +Info 2017-08-11 2021-12-01
5.0
None Remote Low Not required Partial None None
Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect.
1855 CVE-2017-3080 200 Bypass +Info 2017-07-17 2021-11-26
5.0
None Remote Low Not required Partial None None
Adobe Flash Player versions 26.0.0.131 and earlier have a security bypass vulnerability related to the Flash API used by Internet Explorer. Successful exploitation could lead to information disclosure.
1856 CVE-2017-3074 119 Exec Code Overflow Mem. Corr. 2017-05-09 2021-11-26
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution.
1857 CVE-2017-3073 416 Exec Code Mem. Corr. 2017-05-09 2021-11-26
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution.
1858 CVE-2017-3072 119 Exec Code Overflow Mem. Corr. 2017-05-09 2021-11-26
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.
1859 CVE-2017-3071 416 Exec Code 2017-05-09 2021-11-26
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution.
1860 CVE-2017-3070 119 Exec Code Overflow Mem. Corr. 2017-05-09 2021-11-26
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution.
1861 CVE-2017-3069 119 Exec Code Overflow Mem. Corr. 2017-05-09 2021-11-26
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution.
1862 CVE-2017-3068 119 Exec Code Overflow Mem. Corr. 2017-05-09 2021-11-23
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution.
1863 CVE-2017-2885 119 Exec Code Overflow 2018-04-24 2020-12-07
7.5
None Remote Low Not required Partial Partial Partial
An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A specially crafted HTTP request can cause a stack overflow resulting in remote code execution. An attacker can send a special HTTP request to the vulnerable server to trigger this vulnerability.
1864 CVE-2017-2674 79 XSS 2018-07-27 2019-10-09
3.5
None Remote Medium ??? None Partial None
JBoss BRMS 6 and BPM Suite 6 before 6.4.3 are vulnerable to a stored XSS via several lists in Business Central. The flaw is due to lack of sanitation of user input when creating new lists. Remote, authenticated attackers that have privileges to create lists can store scripts in them, which are not properly sanitized before showing to other users, including admins.
1865 CVE-2017-2673 863 2018-07-19 2021-08-04
6.5
None Remote Low ??? Partial Partial Partial
An authorization-check flaw was discovered in federation configurations of the OpenStack Identity service (keystone). An authenticated federated user could request permissions to a project and unintentionally be granted all related roles including administrative roles.
1866 CVE-2017-2672 269 2018-06-21 2019-10-09
4.0
None Remote Low ??? Partial None None
A flaw was found in foreman before version 1.15 in the logging of adding and registering images. An attacker with access to the foreman log file would be able to view passwords for provisioned systems in the log file, allowing them to access those systems.
1867 CVE-2017-2670 835 2018-07-27 2019-10-09
5.0
None Remote Low Not required None None Partial
It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.
1868 CVE-2017-2668 476 DoS 2018-06-22 2019-10-09
4.3
None Remote Medium Not required None None Partial
389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service.
1869 CVE-2017-2666 444 XSS +Info 2018-07-27 2019-10-09
6.4
None Remote Low Not required Partial Partial None
It was discovered in Undertow that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own.
1870 CVE-2017-2665 522 2018-07-06 2019-10-09
1.9
None Local Medium Not required Partial None None
The skyring-setup command creates random password for mongodb skyring database but it writes password in plain text to /etc/skyring/skyring.conf file which is owned by root but read by local user. Any local user who has access to system running skyring service will be able to get password in plain text.
1871 CVE-2017-2664 2018-07-26 2019-10-09
4.0
None Remote Low ??? None Partial None
CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1 lacks RBAC controls on certain methods in the rails application portion of CloudForms. An attacker with access could use a variety of methods within the rails application portion of CloudForms to escalate privileges.
1872 CVE-2017-2663 +Priv 2018-07-27 2019-10-09
4.6
None Local Low Not required Partial Partial Partial
It was found that subscription-manager's DBus interface before 1.19.4 let unprivileged user access the com.redhat.RHSM1.Facts.GetFacts and com.redhat.RHSM1.Config.Set methods. An unprivileged local attacker could use these methods to gain access to private information, or launch a privilege escalation attack.
1873 CVE-2017-2658 20 2018-07-27 2019-10-09
4.3
None Remote Medium Not required None Partial None
It was discovered that the Dashbuilder login page as used in Red Hat JBoss BPM Suite before 6.4.2 and Red Hat JBoss Data Virtualization & Services before 6.4.3 could be opened in an IFRAME, which made it possible to intercept and manipulate requests. An attacker could use this flaw to trick a user into performing arbitrary actions in the Console (clickjacking).
1874 CVE-2017-2653 20 XSS Bypass 2018-07-27 2019-10-09
4.0
None Remote Low ??? None Partial None
A number of unused delete routes are present in CloudForms before 5.7.2.1 which can be accessed via GET requests instead of just POST requests. This could allow an attacker to bypass the protect_from_forgery XSRF protection causing the routes to be used. This attack would require additional cross-site scripting or similar attacks in order to execute.
1875 CVE-2017-2646 835 DoS 2018-07-27 2019-10-09
5.0
None Remote Low Not required None None Partial
It was found that when Keycloak before 2.5.5 receives a Logout request with a Extensions in the middle of the request, the SAMLSloRequestParser.parse() method ends in a infinite loop. An attacker could use this flaw to conduct denial of service attacks.
1876 CVE-2017-2640 787 Exec Code 2018-07-27 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content. A malicious remote server could potentially use this flaw to crash Pidgin or execute arbitrary code in the context of the pidgin process.
1877 CVE-2017-2639 295 2018-07-27 2019-10-09
5.0
None Remote Low Not required Partial None None
It was found that CloudForms does not verify that the server hostname matches the domain name in the certificate when using a custom CA and communicating with Red Hat Virtualization (RHEV) and OpenShift. This would allow an attacker to spoof RHEV or OpenShift systems and potentially harvest sensitive information from CloudForms.
1878 CVE-2017-2638 287 2018-07-16 2019-10-09
6.4
None Remote Low Not required Partial Partial None
It was found that the REST API in Infinispan before version 9.0.0 did not properly enforce auth constraints. An attacker could use this vulnerability to read or modify data in the default cache or a known cache name.
1879 CVE-2017-2637 306 2018-07-26 2021-08-04
10.0
None Remote Low Not required Complete Complete Complete
A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.
1880 CVE-2017-2635 476 DoS 2018-08-22 2019-10-09
4.0
None Remote Low ??? None None Partial
A NULL pointer deference flaw was found in the way libvirt from 2.5.0 to 3.0.0 handled empty drives. A remote authenticated attacker could use this flaw to crash libvirtd daemon resulting in denial of service.
1881 CVE-2017-2634 119 Overflow Mem. Corr. 2018-07-27 2019-10-09
7.8
None Remote Low Not required None None Complete
It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation before 2.6.22.17 used the IPv4-only inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP connections, which could result in memory corruptions. A remote attacker could use this flaw to crash the system.
1882 CVE-2017-2633 125 2018-07-27 2019-10-09
4.0
None Remote Low ??? None None Partial
An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the 'vnc_refresh_server_surface'. A user inside a guest could use this flaw to crash the QEMU process.
1883 CVE-2017-2632 863 2018-07-27 2019-10-09
4.0
None Remote Low ??? None Partial None
A logic error in valid_role() in CloudForms role validation before 5.7.1.3 could allow a tenant administrator to create groups with a higher privilege level than the tenant administrator should have. This would allow an attacker with tenant administration access to elevate privileges.
1884 CVE-2017-2627 22 Dir. Trav. 2018-08-22 2021-08-04
7.2
None Local Low Not required Complete Complete Complete
A flaw was found in openstack-tripleo-common as shipped with Red Hat Openstack Enterprise 10 and 11. The sudoers file as installed with OSP's openstack-tripleo-common package is much too permissive. It contains several lines for the mistral user that have wildcards that allow directory traversal with '..' and it grants full passwordless root access to the validations user.
1885 CVE-2017-2626 331 2018-07-27 2019-07-14
2.1
None Local Low Not required Partial None None
It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list.
1886 CVE-2017-2625 320 2018-07-27 2019-10-09
2.1
None Local Low Not required Partial None None
It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions.
1887 CVE-2017-2623 295 2018-07-27 2019-10-09
4.3
None Remote Medium Not required None Partial None
It was discovered that rpm-ostree and rpm-ostree-client before 2017.3 fail to properly check GPG signatures on packages when doing layering. Packages with unsigned or badly signed content could fail to be rejected as expected. This issue is partially mitigated on RHEL Atomic Host, where certificate pinning is used by default.
1888 CVE-2017-2622 200 +Info 2018-07-27 2021-08-04
2.1
None Local Low Not required Partial None None
An accessibility flaw was found in the OpenStack Workflow (mistral) service where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information.
1889 CVE-2017-2621 532 2018-07-27 2021-08-04
2.1
None Local Low Not required Partial None None
An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information.
1890 CVE-2017-2620 125 Exec Code 2018-07-27 2021-08-04
9.0
None Remote Low ??? Complete Complete Complete
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.
1891 CVE-2017-2619 362 2018-03-12 2019-10-09
6.0
None Remote Medium ??? Partial Partial Partial
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.
1892 CVE-2017-2618 682 2018-07-27 2019-10-09
4.9
None Local Low Not required None None Complete
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory.
1893 CVE-2017-2616 362 2018-07-27 2019-10-09
4.7
None Local Medium Not required None None Complete
A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.
1894 CVE-2017-2615 125 Exec Code 2018-07-03 2021-08-04
9.0
None Remote Low ??? Complete Complete Complete
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host.
1895 CVE-2017-2614 640 2018-07-27 2019-10-09
2.1
None Local Low Not required None Partial None
When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. This would allow access to an attacker with access to change the password on accounts with expired passwords, gaining access to those accounts.
1896 CVE-2017-2611 863 2018-05-08 2020-09-09
4.0
None Remote Low ??? None None Partial
Jenkins before versions 2.44, 2.32.2 is vulnerable to an insufficient permission check for periodic processes (SECURITY-389). The URLs /workspaceCleanup and /fingerprintCleanup did not perform permission checks, allowing users with read access to Jenkins to trigger these background processes (that are otherwise performed daily), possibly causing additional load on Jenkins master and agents.
1897 CVE-2017-2591 125 2018-04-30 2019-10-09
5.0
None Remote Low Not required None None Partial
389-ds-base before version 1.3.6 is vulnerable to an improperly NULL terminated array in the uniqueness_entry_to_config() function in the "attribute uniqueness" plugin of 389 Directory Server. An authenticated, or possibly unauthenticated, attacker could use this flaw to force an out-of-bound heap memory read, possibly triggering a crash of the LDAP service.
1898 CVE-2017-2590 275 DoS 2018-07-27 2019-10-09
5.5
None Remote Low ??? None Partial Partial
A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys.
1899 CVE-2017-2589 2018-07-26 2019-10-09
6.0
None Remote Medium ??? Partial Partial Partial
It was discovered that the hawtio servlet 1.4 uses a single HttpClient instance to proxy requests with a persistent cookie store (cookies are stored locally and are not passed between the client and the end URL) which means all clients using that proxy are sharing the same cookies.
1900 CVE-2017-2585 200 +Info 2018-03-12 2018-04-12
4.3
None Remote Medium Not required Partial None None
Red Hat Keycloak before version 2.5.1 has an implementation of HMAC verification for JWS tokens that uses a method that runs in non-constant time, potentially leaving the application vulnerable to timing attacks.
Total number of vulnerabilities : 3974   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 (This Page)39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.