CVEdetails.com the ultimate security vulnerability data source

Redhat : Security Vulnerabilities

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
1901 CVE-2017-2589 2018-07-26 2019-10-09
6.0
None Remote Medium ??? Partial Partial Partial
It was discovered that the hawtio servlet 1.4 uses a single HttpClient instance to proxy requests with a persistent cookie store (cookies are stored locally and are not passed between the client and the end URL) which means all clients using that proxy are sharing the same cookies.
1902 CVE-2017-2585 200 +Info 2018-03-12 2018-04-12
4.3
None Remote Medium Not required Partial None None
Red Hat Keycloak before version 2.5.1 has an implementation of HMAC verification for JWS tokens that uses a method that runs in non-constant time, potentially leaving the application vulnerable to timing attacks.
1903 CVE-2017-2582 200 +Info 2018-07-26 2019-01-23
4.0
None Remote Low ??? Partial None None
It was found that while parsing the SAML messages the StaxParserUtil class of keycloak before 2.5.1 replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the "InResponseTo" field in the response.
1904 CVE-2017-0903 502 Exec Code Bypass 2017-10-11 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution.
1905 CVE-2017-0902 346 2017-08-31 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking vulnerability that allows a MITM attacker to force the RubyGems client to download and install gems from a server that the attacker controls.
1906 CVE-2017-0901 20 2017-08-31 2019-10-09
6.4
None Remote Low Not required None Partial Partial
RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem.
1907 CVE-2017-0900 20 DoS 2017-08-31 2019-05-13
5.0
None Remote Low Not required None None Partial
RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications to cause a denial of service attack against RubyGems clients who have issued a `query` command.
1908 CVE-2017-0899 94 2017-08-31 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences.
1909 CVE-2016-1000232 20 DoS 2018-09-05 2018-10-31
5.0
None Remote Low Not required None None Partial
NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result in Denial of Service. This attack appears to be exploitable via Custom HTTP header passed by client. This vulnerability appears to have been fixed in 2.3.0.
1910 CVE-2016-1000229 79 XSS 2019-12-20 2019-12-31
4.3
None Remote Medium Not required None Partial None
swagger-ui has XSS in key names
1911 CVE-2016-1000037 79 XSS 2019-11-06 2019-11-08
4.3
None Remote Medium Not required None Partial None
Pagure: XSS possible in file attachment endpoint
1912 CVE-2016-1000033 295 2016-10-25 2020-02-24
4.3
None Remote Medium Not required Partial None None
Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks.
1913 CVE-2016-1000007 79 XSS 2016-10-07 2020-05-14
4.3
None Remote Medium Not required None Partial None
Pagure 2.2.1 XSS in raw file endpoint
1914 CVE-2016-1000002 200 +Info 2019-11-05 2020-08-18
2.1
None Local Low Not required Partial None None
gdm3 3.14.2 and possibly later has an information leak before screen lock
1915 CVE-2016-10746 254 2019-04-18 2019-05-01
5.0
None Remote Low Not required None Partial None
libvirt-domain.c in libvirt before 1.3.1 supports virDomainGetTime API calls by guest agents with an RO connection, even though an RW connection was supposed to be required, a different vulnerability than CVE-2019-3886.
1916 CVE-2016-10730 264 2018-10-24 2019-01-09
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. Amstar is an Amanda Application API script. It should not be run by users directly. It uses star to backup and restore data. It runs binaries with root permissions when parsing the command line argument --star-path.
1917 CVE-2016-10729 77 2018-10-24 2019-01-09
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied after --create, allowing users to manipulate commands and perform command injection as root.
1918 CVE-2016-9921 369 2016-12-23 2021-08-04
2.1
None Local Low Not required None None Partial
Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host, resulting in DoS.
1919 CVE-2016-9911 772 2016-12-23 2021-08-04
4.9
None Local Low Not required None None Complete
Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.
1920 CVE-2016-9907 772 2016-12-23 2021-08-04
4.9
None Local Low Not required None None Complete
Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.
1921 CVE-2016-9905 284 2018-06-11 2018-08-09
6.8
None Remote Medium Not required Partial Partial Partial
A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. This vulnerability affects Firefox ESR < 45.6 and Thunderbird < 45.6.
1922 CVE-2016-9904 200 +Info 2018-06-11 2018-08-01
5.0
None Remote Low Not required Partial None None
An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
1923 CVE-2016-9902 346 2018-06-11 2018-08-09
5.0
None Remote Low Not required None Partial None
The Pocket toolbar button, once activated, listens for events fired from its own pages but does not verify the origin of incoming events. This allows content from other origins to fire events and inject content and commands into the Pocket context. Note: this issue does not affect users with e10s enabled. This vulnerability affects Firefox ESR < 45.6 and Firefox < 50.1.
1924 CVE-2016-9901 20 Exec Code 2018-06-11 2018-08-01
7.5
None Remote Low Not required Partial Partial Partial
HTML tags received from the Pocket server will be processed without sanitization and any JavaScript code executed will be run in the "about:pocket-saved" (unprivileged) page, giving it access to Pocket's messaging API through HTML injection. This vulnerability affects Firefox ESR < 45.6 and Firefox < 50.1.
1925 CVE-2016-9900 254 Bypass 2018-06-11 2018-08-03
5.0
None Remote Low Not required Partial None None
External resources that should be blocked when loaded by SVG images can bypass security restrictions through the use of "data:" URLs. This could allow for cross-domain data leakage. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
1926 CVE-2016-9899 416 2018-06-11 2018-08-03
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
1927 CVE-2016-9898 416 2018-06-11 2018-08-03
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
1928 CVE-2016-9897 119 Overflow Mem. Corr. 2018-06-11 2018-08-01
5.0
None Remote Low Not required None None Partial
Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
1929 CVE-2016-9895 254 2018-06-11 2018-08-03
4.3
None Remote Medium Not required None Partial None
Event handlers on "marquee" elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
1930 CVE-2016-9893 119 Overflow Mem. Corr. 2018-06-11 2018-08-03
7.5
None Remote Low Not required Partial Partial Partial
Memory safety bugs were reported in Thunderbird 45.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
1931 CVE-2016-9811 125 DoS 2017-01-13 2021-11-29
4.3
None Remote Medium Not required None None Partial
The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.
1932 CVE-2016-9651 94 Exec Code 2019-01-09 2019-01-16
6.8
None Remote Medium Not required Partial Partial Partial
A missing check for whether a property of a JS object is private in V8 in Google Chrome prior to 55.0.2883.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
1933 CVE-2016-9636 119 DoS Exec Code Overflow 2017-01-27 2018-01-05
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'write count' that goes beyond the initialized buffer.
1934 CVE-2016-9635 119 DoS Exec Code Overflow 2017-01-27 2018-01-05
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond initialized buffer.
1935 CVE-2016-9634 119 DoS Exec Code Overflow 2017-01-27 2018-01-05
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.
1936 CVE-2016-9606 20 Exec Code 2018-03-09 2018-10-12
6.8
None Remote Medium Not required Partial Partial Partial
JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions.
1937 CVE-2016-9603 119 Exec Code Overflow 2018-07-27 2021-08-04
9.0
None Remote Low ??? Complete Complete Complete
A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
1938 CVE-2016-9600 476 2018-03-12 2019-10-09
4.3
None Remote Medium Not required None None Partial
JasPer before version 2.0.10 is vulnerable to a null pointer dereference in the decoded creation of JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash.
1939 CVE-2016-9599 284 2018-04-24 2021-08-04
6.0
None Remote Medium ??? Partial Partial Partial
puppet-tripleo before versions 5.5.0, 6.2.0 is vulnerable to an access-control flaw in the IPtables rules management, which allowed the creation of TCP/UDP rules with empty port values. If SSL is enabled, a malicious user could use these open ports to gain access to unauthorized resources.
1940 CVE-2016-9598 125 DoS 2018-08-16 2020-11-16
4.3
None Remote Medium Not required None None Partial
libxml2, as used in Red Hat JBoss Core Services, allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted XML document. NOTE: this vulnerability exists because of a missing fix for CVE-2016-4483.
1941 CVE-2016-9596 400 DoS 2018-08-16 2020-11-16
4.3
None Remote Medium Not required None None Partial
libxml2, as used in Red Hat JBoss Core Services and when in recovery mode, allows context-dependent attackers to cause a denial of service (stack consumption) via a crafted XML document. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-3627.
1942 CVE-2016-9595 59 2018-07-27 2019-10-09
3.6
None Local Low Not required None Partial Partial
A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files.
1943 CVE-2016-9593 255 2018-04-16 2019-10-09
4.0
None Remote Low ??? Partial None None
foreman-debug before version 1.15.0 is vulnerable to a flaw in foreman-debug's logging. An attacker with access to the foreman log file would be able to view passwords, allowing them to access those systems.
1944 CVE-2016-9592 399 DoS 2018-04-16 2019-10-09
4.0
None Remote Low ??? None None Partial
openshift before versions 3.3.1.11, 3.2.1.23, 3.4 is vulnerable to a flaw when a volume fails to detach, which causes the delete operation to fail with 'VolumeInUse' error. Since the delete operation is retried every 30 seconds for each volume, this could lead to a denial of service attack as the number of API requests being sent to the cloud-provider exceeds the API's rate-limit.
1945 CVE-2016-9591 416 2018-03-09 2019-10-09
4.3
None Remote Medium Not required None None Partial
JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer.
1946 CVE-2016-9590 200 +Info 2018-04-26 2021-08-04
4.0
None Remote Low ??? Partial None None
puppet-swift before versions 8.2.1, 9.4.4 is vulnerable to an information-disclosure in Red Hat OpenStack Platform director's installation of Object Storage (swift). During installation, the Puppet script responsible for deploying the service incorrectly removes and recreates the proxy-server.conf file with world-readable permissions.
1947 CVE-2016-9589 400 DoS 2018-03-12 2019-10-09
5.0
None Remote Low Not required None None Partial
Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily be exploited to fill memory with garbage, up to "max-headers" (default 200) * "max-header-size" (default 1MB) per active TCP connection.
1948 CVE-2016-9587 20 Exec Code 2018-04-24 2021-09-13
9.3
None Remote Medium Not required Complete Complete Complete
Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.
1949 CVE-2016-9585 502 DoS 2018-03-09 2019-10-09
2.6
None Remote High Not required None None Partial
Red Hat JBoss EAP version 5 is vulnerable to a deserialization of untrusted data in the JMX endpoint when it deserializes the credentials passed to it. An attacker could exploit this vulnerability resulting in a denial of service attack.
1950 CVE-2016-9583 125 2018-08-01 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input.
Total number of vulnerabilities: 3974 (this is page 39 of 80)