CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Redhat : Security Vulnerabilities (CVSS score between 2 and 2.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
151 CVE-2016-0607 2016-01-21 2019-04-22
2.8
None Remote Medium ??? None None Partial
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to replication.
152 CVE-2016-0605 2016-01-21 2018-10-30
2.1
None Remote High ??? None None Partial
Unspecified vulnerability in Oracle MySQL 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors.
153 CVE-2015-8629 125 DoS +Info 2016-02-13 2021-02-02
2.1
None Remote High ??? Partial None None
The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted string.
154 CVE-2015-8553 200 +Info 2016-04-13 2019-08-13
2.1
None Local Low Not required Partial None None
Xen allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory by not enabling memory and I/O decoding control bits. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0777.
155 CVE-2015-7837 254 Bypass 2017-09-19 2017-10-05
2.1
None Local Low Not required None Partial None
The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secure_boot flag across kexec reboot.
156 CVE-2015-6815 835 DoS 2020-01-31 2021-11-30
2.7
None Local Network Low ??? None None Partial
The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors.
157 CVE-2015-5281 264 Exec Code Bypass 2015-11-24 2016-12-07
2.6
None Local High Not required Partial Partial None
The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux (RHEL) 7, when used on UEFI systems, allows local users to bypass intended Secure Boot restrictions and execute non-verified code via a crafted (1) multiboot or (2) multiboot2 module in the configuration file or physically proximate attackers to bypass intended Secure Boot restrictions and execute non-verified code via the (3) boot menu.
158 CVE-2015-5160 200 +Info 2018-08-20 2020-10-15
2.1
None Local Low Not required Partial None None
libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing.
159 CVE-2015-5006 200 +Info 2015-12-07 2019-06-19
2.1
None Local Low Not required Partial None None
IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache.
160 CVE-2015-4910 2015-10-22 2016-12-24
2.1
None Remote High ??? None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.
161 CVE-2015-4836 2015-10-21 2019-12-27
2.8
None Remote Medium ??? None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : SP.
162 CVE-2015-3245 20 DoS 2015-08-11 2018-05-20
2.1
None Local Low Not required None None Partial
Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd corruption) via a newline character in the GECOS field.
163 CVE-2015-3201 200 +Info 2015-06-08 2016-12-31
2.1
None Local Low Not required Partial None None
Thermostat before 2.0.0 uses world-readable permissions for the web.xml configuration file, which allows local users to obtain user credentials by reading the file.
164 CVE-2015-3149 59 2017-07-25 2017-07-31
2.1
None Local Low Not required None Partial None
The Hotspot component in OpenJDK8 as packaged in Red Hat Enterprise Linux 6 and 7 allows local users to write to arbitrary files via a symlink attack.
165 CVE-2015-2877 200 +Info 2017-03-03 2020-06-04
2.1
None Local Low Not required Partial None None
** DISPUTED ** Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAIN) attack. NOTE: the vendor states "Basically if you care about this attack vector, disable deduplication." Share-until-written approaches for memory conservation among mutually untrusting tenants are inherently detectable for information disclosure, and can be classified as potentially misunderstood behaviors rather than vulnerabilities.
166 CVE-2015-1870 200 +Info 2017-06-26 2018-01-05
2.1
None Local Low Not required Partial None None
The event scripts in Automatic Bug Reporting Tool (ABRT) uses world-readable permission on a copy of sosreport file in problem directories, which allows local users to obtain sensitive information from /var/log/messages via unspecified vectors.
167 CVE-2015-1350 552 DoS 2016-05-02 2020-08-03
2.1
None Local Low Not required None None Partial
The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.
168 CVE-2015-0257 264 +Info 2015-05-01 2016-06-28
2.1
None Local Low Not required Partial None None
Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup, which allows local users to obtain sensitive information by reading files in the directory.
169 CVE-2015-0238 200 +Info 2017-09-26 2017-10-10
2.1
None Local Low Not required Partial None None
selinux-policy as packaged in Red Hat OpenShift 2 allows attackers to obtain process listing information via a privilege escalation attack.
170 CVE-2014-9585 Bypass 2015-01-09 2020-05-21
2.1
None Local Low Not required None Partial None
The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD.
171 CVE-2014-9584 20 +Info 2015-01-09 2020-05-21
2.1
None Local Low Not required Partial None None
The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel memory via a crafted iso9660 image.
172 CVE-2014-8181 665 +Info 2019-11-06 2019-11-09
2.1
None Local Low Not required Partial None None
The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leaking sensitive information to userspace.
173 CVE-2014-8136 264 DoS 2014-12-19 2018-10-30
2.1
None Local Low Not required None None Partial
The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors.
174 CVE-2014-8135 DoS 2014-12-19 2015-01-10
2.1
None Local Low Not required None None Partial
The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted offset value in a "virsh vol-upload" command.
175 CVE-2014-7231 200 +Info 2014-10-08 2018-11-16
2.1
None Local Low Not required Partial None None
The strutils.mask_password function in the OpenStack Oslo utility library, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 does not properly mask passwords when logging commands, which allows local users to obtain passwords by reading the log.
176 CVE-2014-7230 200 Exec Code +Info 2014-10-08 2018-11-16
2.1
None Local Low Not required Partial None None
The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log.
177 CVE-2014-5118 20 Bypass 2019-11-18 2020-01-10
2.1
None Local Low Not required None Partial None
Trusted Boot (tboot) before 1.8.2 has a 'loader.c' Security Bypass Vulnerability
178 CVE-2014-4660 522 +Info 2020-02-20 2020-02-25
2.1
None Local Low Not required Partial None None
Ansible before 1.5.5 constructs filenames containing user and password fields on the basis of deb lines in sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by leveraging existence of a file that uses the "deb http://user:pass@server:port/" format.
179 CVE-2014-4659 522 +Info 2020-02-20 2020-02-25
2.1
None Local Low Not required Partial None None
Ansible before 1.5.5 sets 0644 permissions for sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by reading a file that uses the "deb http://user:pass@server:port/" format.
180 CVE-2014-4658 200 +Info 2020-02-20 2020-02-25
2.1
None Local Low Not required Partial None None
The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file.
181 CVE-2014-4039 264 +Info 2014-06-17 2017-01-07
2.1
None Local Low Not required Partial None None
ppc64-diag 2.6.1 uses 0775 permissions for /tmp/diagSEsnap and does not properly restrict permissions for /tmp/diagSEsnap/snapH.tar.gz, which allows local users to obtain sensitive information by reading files in this archive, as demonstrated by /var/log/messages and /etc/yaboot.conf.
182 CVE-2014-4027 200 +Info 2014-06-23 2020-08-21
2.3
None Local Network Medium ??? Partial None None
The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator.
183 CVE-2014-3672 400 DoS 2016-05-25 2017-09-08
2.1
None Local Low Not required None None Partial
The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr.
184 CVE-2014-3640 476 DoS 2014-11-07 2017-11-04
2.1
None Local Low Not required None None Partial
The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket.
185 CVE-2014-3615 200 +Info 2014-11-01 2020-08-11
2.1
None Local Low Not required Partial None None
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.
186 CVE-2014-3602 264 +Info 2014-11-13 2019-12-17
2.1
None Local Low Not required Partial None None
Red Hat OpenShift Enterprise before 2.2 allows local users to obtain IP address and port number information for remote systems by reading /proc/net/tcp.
187 CVE-2014-3586 264 +Info 2015-04-21 2015-10-13
2.1
None Local Low Not required Partial None None
The default configuration for the Command Line Interface in Red Hat Enterprise Application Platform before 6.4.0 and WildFly (formerly JBoss Application Server) uses weak permissions for .jboss-cli-history, which allows local users to obtain sensitive information via unspecified vectors.
188 CVE-2014-3561 200 +Info 2014-12-05 2017-08-29
2.1
None Local Low Not required Partial None None
The rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses the PostgreSQL database password on the command line when calling sosreport, which allows local users to obtain sensitive information by listing the processes.
189 CVE-2014-3536 532 2019-12-15 2019-12-19
2.1
None Local Low Not required Partial None None
CFME (CloudForms Management Engine) 5: RHN account information is logged to top_output.log during registration
190 CVE-2014-1859 59 2018-01-08 2019-04-22
2.1
None Local Low Not required None Partial None
(1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file.
191 CVE-2014-1738 200 +Info 2014-05-11 2020-08-21
2.1
None Local Low Not required Partial None None
The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device.
192 CVE-2014-0420 2014-01-15 2019-12-17
2.8
None Remote Medium ??? None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Replication.
193 CVE-2014-0241 522 2019-12-13 2019-12-18
2.1
None Local Low Not required Partial None None
rubygem-hammer_cli_foreman: File /etc/hammer/cli.modules.d/foreman.yml world readable
194 CVE-2014-0202 255 +Info 2014-05-30 2014-06-26
2.1
None Local Low Not required Partial None None
The setup script in ovirt-engine-dwh, as used in the Red Hat Enterprise Virtualization Manager data warehouse (rhevm-dwh) package before 3.3.3, stores the history database password in cleartext, which allows local users to obtain sensitive information by reading an unspecified file.
195 CVE-2014-0201 264 +Info 2014-05-29 2014-05-30
2.1
None Local Low Not required Partial None None
ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports package (rhevm-reports) before 3.3.3, uses world-readable permissions on configuration files, which allows local users to obtain sensitive information by reading the files.
196 CVE-2014-0200 264 +Info 2014-05-29 2014-05-30
2.1
None Local Low Not required Partial None None
The Red Hat Enterprise Virtualization Manager reports (rhevm-reports) package before 3.3.3-1 uses world-readable permissions on the datasource configuration file (js-jboss7-ds.xml), which allows local users to obtain sensitive information by reading the file.
197 CVE-2014-0199 310 +Info 2014-05-29 2014-05-30
2.1
None Local Low Not required Partial None None
The setup script in ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports (rhevm-reports) package before 3.3.3, stores the reports database password in cleartext, which allows local users to obtain sensitive information by reading an unspecified file.
198 CVE-2014-0189 310 2014-05-02 2016-08-26
2.1
None Local Low Not required Partial None None
virt-who uses world-readable permissions for /etc/sysconfig/virt-who, which allows local users to obtain password for hypervisors by reading the file.
199 CVE-2014-0181 264 Bypass 2014-04-27 2020-08-26
2.1
None Local Low Not required None Partial None
The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations by using a Netlink socket for the (1) stdout or (2) stderr of a setuid program.
200 CVE-2014-0164 310 +Info 2014-05-05 2014-06-30
2.1
None Local Low Not required Partial None None
openshift-origin-broker-util, as used in Red Hat OpenShift Enterprise 1.2.7 and 2.0.5, uses world-readable permissions for the mcollective client.cfg configuration file, which allows local users to obtain credentials and other sensitive information by reading the file.
Total number of vulnerabilities : 320   Page : 1 2 3 4 (This Page)5 6 7
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.