CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Redhat : Security Vulnerabilities (CVSS score between 5 and 5.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
151 CVE-2018-16871 476 2019-07-30 2021-10-04
5.0
None Remote Low Not required None None Partial
A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.
152 CVE-2018-16856 532 2019-03-26 2021-08-04
5.0
None Remote Low Not required Partial None None
In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowing for information exposure.
153 CVE-2018-16849 200 +Info 2018-11-02 2019-10-09
5.0
None Remote Low Not required Partial None None
A flaw was found in openstack-mistral. By manipulating the SSH private key filename, the std.ssh action can be used to disclose the presence of arbitrary files within the filesystem of the executor running the action. Since std.ssh private_key_filename can take an absolute path, it can be used to assess whether or not a file exists on the executor's filesystem.
154 CVE-2018-16838 269 2019-03-25 2020-10-15
5.5
None Remote Low ??? Partial Partial None
A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.
155 CVE-2018-16476 502 2018-11-30 2019-10-09
5.0
None Remote Low Not required Partial None None
A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability has been fixed in versions 4.2.11, 5.0.7.1, 5.1.6.1, and 5.2.1.1.
156 CVE-2018-16451 125 2019-10-03 2020-01-20
5.0
None Remote Low Not required None None Partial
The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN.
157 CVE-2018-16230 125 2019-10-03 2020-01-20
5.0
None Remote Low Not required None None Partial
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).
158 CVE-2018-16229 125 2019-10-03 2020-01-20
5.0
None Remote Low Not required None None Partial
The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().
159 CVE-2018-16228 125 2019-10-03 2020-01-20
5.0
None Remote Low Not required None None Partial
The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().
160 CVE-2018-16227 125 2019-10-03 2020-01-20
5.0
None Remote Low Not required None None Partial
The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.
161 CVE-2018-15978 125 2018-11-29 2018-12-28
5.0
None Remote Low Not required Partial None None
Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
162 CVE-2018-15967 200 +Info 2018-09-25 2019-10-03
5.0
None Remote Low Not required Partial None None
Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to information disclosure.
163 CVE-2018-15473 362 2018-08-17 2020-08-24
5.0
None Remote Low Not required Partial None None
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
164 CVE-2018-14882 125 2019-10-03 2020-01-20
5.0
None Remote Low Not required None None Partial
The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.
165 CVE-2018-14881 125 2019-10-03 2020-01-20
5.0
None Remote Low Not required None None Partial
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).
166 CVE-2018-14880 125 2019-10-03 2020-01-20
5.0
None Remote Low Not required None None Partial
The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().
167 CVE-2018-14879 120 Overflow 2019-10-03 2020-01-20
5.1
None Remote High Not required Partial Partial Partial
The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().
168 CVE-2018-14658 601 2018-11-13 2019-10-09
5.8
None Remote Medium Not required Partial Partial None
A flaw was found in JBOSS Keycloak 3.2.1.Final. The Redirect URL for both Login and Logout are not normalized in org.keycloak.protocol.oidc.utils.RedirectUtils before the redirect url is verified. This can lead to an Open Redirection attack
169 CVE-2018-14647 909 DoS 2018-09-25 2020-07-29
5.0
None Remote Low Not required None None Partial
Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming large amounts CPU and RAM. The vulnerability exists in Python versions 3.7.0, 3.6.0 through 3.6.6, 3.5.0 through 3.5.6, 3.4.0 through 3.4.9, 2.7.0 through 2.7.15.
170 CVE-2018-14645 125 DoS 2018-09-21 2019-07-23
5.0
None Remote Low Not required None None Partial
A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, that is used for HTTP/2. An out-of-bounds read access in hpack_valid_idx() resulted in a remote crash and denial of service.
171 CVE-2018-14642 200 +Info 2018-09-18 2020-12-08
5.0
None Remote Low Not required Partial None None
An information leak vulnerability was found in Undertow. If all headers are not written out in the first write() call then the code that handles flushing the buffer will always write out the full contents of the writevBuffer buffer, which may contain data from previous requests.
172 CVE-2018-14638 415 DoS 2018-09-14 2019-10-09
5.0
None Remote Low Not required None None Partial
A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ns-slapd crashes in delete_passwdPolicy function when persistent search connections are terminated unexpectedly leading to remote denial of service.
173 CVE-2018-14624 20 2018-09-06 2019-05-15
5.0
None Remote Low Not required None None Partial
A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. The lock controlling the error log was not correctly used when re-opening the log file in log__error_emergency(). An attacker could send a flood of modifications to a very large DN, which would cause slapd to crash.
174 CVE-2018-14622 252 2018-08-30 2020-12-04
5.0
None Remote Low Not required None None Partial
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections.
175 CVE-2018-14470 125 2019-10-03 2020-01-20
5.0
None Remote Low Not required None None Partial
The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().
176 CVE-2018-14469 125 2019-10-03 2020-01-20
5.0
None Remote Low Not required None None Partial
The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().
177 CVE-2018-14468 125 2019-10-03 2020-01-20
5.0
None Remote Low Not required None None Partial
The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().
178 CVE-2018-14467 125 2019-10-03 2020-01-20
5.0
None Remote Low Not required None None Partial
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).
179 CVE-2018-14466 125 2019-10-03 2020-01-20
5.0
None Remote Low Not required None None Partial
The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().
180 CVE-2018-14465 125 2019-10-03 2020-01-20
5.0
None Remote Low Not required None None Partial
The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
181 CVE-2018-14464 125 2019-10-03 2020-01-20
5.0
None Remote Low Not required None None Partial
The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().
182 CVE-2018-14463 125 2019-10-03 2020-01-20
5.0
None Remote Low Not required None None Partial
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().
183 CVE-2018-14462 125 2019-10-03 2020-01-20
5.0
None Remote Low Not required None None Partial
The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().
184 CVE-2018-14461 125 2019-10-03 2020-01-20
5.0
None Remote Low Not required None None Partial
The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().
185 CVE-2018-12827 125 2018-08-29 2018-10-30
5.0
None Remote Low Not required Partial None None
Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
186 CVE-2018-12826 125 2018-08-29 2018-10-30
5.0
None Remote Low Not required Partial None None
Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
187 CVE-2018-12395 Bypass 2019-02-28 2019-10-03
5.0
None Remote Low Not required Partial None None
By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63.
188 CVE-2018-12393 787 Overflow 2019-02-28 2020-08-24
5.0
None Remote Low Not required None None Partial
A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible out-of-bounds write. *Note: 64-bit builds are not vulnerable to this issue.*. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.
189 CVE-2018-12386 704 Exec Code 2018-10-18 2018-12-06
5.8
None Remote Medium Not required Partial Partial None
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3.
190 CVE-2018-12115 787 2018-08-21 2020-03-20
5.0
None Remote Low Not required None None Partial
In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding (recognized by Node.js under the names `'ucs2'`, `'ucs-2'`, `'utf16le'` and `'utf-16le'`), `Buffer#write()` can be abused to write outside of the bounds of a single `Buffer`. Writes that start from the second-to-last position of a buffer cause a miscalculation of the maximum length of the input bytes to be written.
191 CVE-2018-12023 502 2019-03-21 2020-10-20
5.1
None Remote High Not required Partial Partial Partial
An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload.
192 CVE-2018-12022 502 2019-03-21 2020-10-20
5.1
None Remote High Not required Partial Partial Partial
An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload.
193 CVE-2018-12020 706 2018-06-08 2021-12-28
5.0
None Remote Low Not required None Partial None
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes.
194 CVE-2018-11759 22 Dir. Trav. Bypass 2018-10-31 2019-04-15
5.0
None Remote Low Not required Partial None None
The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was possible for a specially constructed request to expose application functionality through the reverse proxy that was not intended for clients accessing the application via the reverse proxy. It was also possible in some configurations for a specially constructed request to bypass the access controls configured in httpd. While there is some overlap between this issue and CVE-2018-1323, they are not identical.
195 CVE-2018-10927 20 DoS +Info 2018-09-04 2021-11-17
5.5
None Remote Low ??? Partial None Partial
A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. An authenticated attacker could use this flaw to leak information and execute remote denial of service by crashing gluster brick process.
196 CVE-2018-10923 20 2018-09-04 2021-11-17
5.5
None Remote Low ??? Partial Partial None
It was found that the "mknod" call derived from mknod(2) can create files pointing to devices on a glusterfs server node. An authenticated attacker could use this to create an arbitrary device and read data from any device attached to the glusterfs server node.
197 CVE-2018-10911 200 +Info 2018-09-04 2021-11-17
5.0
None Remote Low Not required Partial None None
A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value.
198 CVE-2018-10903 20 2018-07-30 2021-08-04
5.0
None Remote Low Not required Partial None None
A flaw was found in python-cryptography versions between >=1.9.0 and <2.3. The finalize_with_tag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalize_with_tag an attacker could craft an invalid payload with a shortened tag (e.g. 1 byte) such that they would have a 1 in 256 chance of passing the MAC check. GCM tag forgeries can cause key leakage.
199 CVE-2018-10898 798 2018-07-30 2021-08-04
5.8
None Local Network Low Not required Partial Partial Partial
A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials.
200 CVE-2018-10894 295 2018-08-01 2019-10-09
5.5
None Remote Low ??? Partial Partial None
It was found that SAML authentication in Keycloak 3.4.3.Final incorrectly authenticated expired certificates. A malicious user could use this to access unauthorized data or possibly conduct further attacks.
Total number of vulnerabilities : 690   Page : 1 2 3 4 (This Page)5 6 7 8 9 10 11 12 13 14
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.