CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Redhat : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2051 CVE-2016-5402 94 Exec Code 2018-10-31 2019-10-09
9.0
None Remote Low ??? Complete Complete Complete
A code injection flaw was found in the way capacity and utilization imported control files are processed. A remote, authenticated attacker with access to the capacity and utilization feature could use this flaw to execute arbitrary code as the user CFME runs as.
2052 CVE-2016-5401 352 CSRF 2017-04-20 2017-04-26
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web page.
2053 CVE-2016-5398 79 XSS 2016-10-03 2016-10-04
3.5
None Remote Medium ??? None Partial None
Cross-site scripting (XSS) vulnerability in Business Process Editor in Red Hat JBoss BPM Suite before 6.3.3 allows remote authenticated users to inject arbitrary web script or HTML by levering permission to create business processes.
2054 CVE-2016-5392 200 +Info 2016-08-05 2016-08-05
6.8
None Remote Low ??? Complete None None
The API server in Kubernetes, as used in Red Hat OpenShift Enterprise 3.2, in a multi tenant environment allows remote authenticated users with knowledge of other project names to obtain sensitive project and user information via vectors related to the watch-cache list.
2055 CVE-2016-5388 284 2016-07-19 2020-08-14
5.1
None Remote High Not required Partial Partial Partial
Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "A mitigation is planned for future releases of Tomcat, tracked as CVE-2016-5388"; in other words, this is not a CVE ID for a vulnerability.
2056 CVE-2016-5386 284 2016-07-19 2019-12-27
6.8
None Remote Medium Not required Partial Partial Partial
The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.
2057 CVE-2016-5385 284 2016-07-19 2021-09-29
5.1
None Remote High Not required Partial Partial Partial
PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issue.
2058 CVE-2016-5383 284 Exec Code 2016-08-26 2016-08-26
6.5
None Remote Low ??? Partial Partial Partial
The web UI in Red Hat CloudForms 4.1 allows remote authenticated users to execute arbitrary code via vectors involving "Lack of field filters."
2059 CVE-2016-5314 787 DoS Overflow 2018-03-12 2018-04-05
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr.
2060 CVE-2016-5285 476 DoS 2019-11-15 2020-01-09
5.0
None Remote Low Not required None None Partial
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.
2061 CVE-2016-5244 200 +Info 2016-06-27 2019-04-22
5.0
None Remote Low Not required Partial None None
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.
2062 CVE-2016-5195 362 +Priv 2016-11-10 2021-11-17
7.2
None Local Low Not required Complete Complete Complete
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
2063 CVE-2016-5178 20 DoS 2017-05-23 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors.
2064 CVE-2016-5177 416 DoS 2017-05-23 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors.
2065 CVE-2016-5131 416 DoS 2016-07-23 2019-03-26
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.
2066 CVE-2016-5126 787 DoS Exec Code Overflow 2016-06-01 2021-08-04
4.6
None Local Low Not required Partial Partial Partial
Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.
2067 CVE-2016-5011 DoS 2017-04-11 2020-09-11
4.9
None Local Low Not required None None Complete
The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.
2068 CVE-2016-5009 20 DoS 2016-07-12 2017-01-18
4.0
None Remote Low ??? None None Partial
The handle_command function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service (segmentation fault and ceph monitor crash) via an (1) empty or (2) crafted prefix.
2069 CVE-2016-5008 284 Bypass 2016-07-13 2018-03-16
4.3
None Remote Medium Not required None Partial None
libvirt before 2.0.0 improperly disables password checking when the password on a VNC server is set to an empty string, which allows remote attackers to bypass authentication and establish a VNC session by connecting to the server.
2070 CVE-2016-4999 89 Exec Code Sql 2016-08-05 2021-04-27
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the getStringParameterSQL method in main/java/org/dashbuilder/dataprovider/sql/dialect/DefaultDialect.java in Dashbuilder before 0.6.0.Beta1 allows remote attackers to execute arbitrary SQL commands via a data set lookup filter in the (1) Data Set Authoring or (2) Displayer editor UI.
2071 CVE-2016-4992 200 +Info 2017-06-08 2017-06-16
5.0
None Remote Low Not required Partial None None
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects.
2072 CVE-2016-4989 77 Exec Code Bypass 2017-04-11 2017-04-17
6.9
None Local Medium Not required Complete Complete Complete
setroubleshoot allows local users to bypass an intended container protection mechanism and execute arbitrary commands by (1) triggering an SELinux denial with a crafted file name, which is handled by the _set_tpath function in audit_data.py or via a crafted (2) local_id or (3) analysis_id field in a crafted XML document to the run_fix function in SetroubleshootFixit.py, related to the subprocess.check_output and commands.getstatusoutput functions, a different vulnerability than CVE-2016-4445.
2073 CVE-2016-4985 200 +Info 2016-07-12 2021-08-04
5.0
None Remote Low Not required Partial None None
The ironic-api service in OpenStack Ironic before 4.2.5 (Liberty) and 5.x before 5.1.2 (Mitaka) allows remote attackers to obtain sensitive information about a registered node by leveraging knowledge of the MAC address of a network card belonging to that node and sending a crafted POST request to the v1/drivers/$DRIVER_NAME/vendor_passthru resource.
2074 CVE-2016-4983 732 2019-11-05 2019-11-08
2.1
None Local Low Not required Partial None None
A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files.
2075 CVE-2016-4980 330 2019-11-27 2020-01-09
1.9
None Local Medium Not required None Partial None
A password generation weakness exists in xquest through 2016-06-13.
2076 CVE-2016-4970 835 DoS 2017-04-13 2021-02-14
7.8
None Remote Low Not required None None Complete
handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop).
2077 CVE-2016-4809 20 DoS 2016-09-21 2019-12-27
5.0
None Remote Low Not required None None Partial
The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.
2078 CVE-2016-4805 416 DoS Mem. Corr. 2016-05-23 2019-12-27
7.2
None Local Low Not required Complete Complete Complete
Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions.
2079 CVE-2016-4578 200 +Info 2016-05-23 2019-03-25
2.1
None Local Low Not required Partial None None
sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions.
2080 CVE-2016-4474 200 +Info 2016-06-30 2021-08-04
3.3
None Local Network Low Not required Partial None None
The image build process for the overcloud images in Red Hat OpenStack Platform 8.0 (Liberty) director and Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) director (aka overcloud-full) use a default root password of ROOTPW, which allows attackers to gain access via unspecified vectors.
2081 CVE-2016-4471 264 Exec Code 2017-06-08 2017-06-15
6.5
None Remote Low ??? Partial Partial Partial
ManageIQ in CloudForms before 4.1 allows remote authenticated users to execute arbitrary code.
2082 CVE-2016-4470 DoS 2016-06-27 2019-12-27
4.9
None Local Low Not required None None Complete
The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.
2083 CVE-2016-4459 119 Overflow 2017-04-12 2019-04-22
7.8
None Remote Low Not required None None Complete
Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9.
2084 CVE-2016-4457 310 2017-06-08 2018-01-05
5.0
None Remote Low Not required Partial None None
CloudForms Management Engine before 5.8 includes a default SSL/TLS certificate.
2085 CVE-2016-4455 264 +Info 2017-04-14 2020-09-02
2.1
None Local Low Not required Partial None None
The Subscription Manager package (aka subscription-manager) before 1.17.7-1 for Candlepin uses weak permissions (755) for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directories.
2086 CVE-2016-4448 134 2016-06-09 2019-12-27
10.0
None Remote Low Not required Complete Complete Complete
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
2087 CVE-2016-4446 77 Exec Code 2017-04-11 2017-04-17
6.9
None Local Medium Not required Complete Complete Complete
The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function.
2088 CVE-2016-4445 77 Exec Code 2017-04-11 2017-04-17
6.9
None Local Medium Not required Complete Complete Complete
The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to executing external commands with the commands.getstatusoutput function.
2089 CVE-2016-4444 77 Exec Code 2017-04-11 2017-04-17
6.9
None Local Medium Not required Complete Complete Complete
The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function.
2090 CVE-2016-4443 532 +Info 2016-12-14 2016-12-16
2.1
None Local Low Not required Partial None None
Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local users to obtain encryption keys, certificates, and other sensitive information by reading the engine-setup log file.
2091 CVE-2016-4428 79 XSS 2016-07-12 2021-08-04
3.5
None Remote Medium ??? None Partial None
Cross-site scripting (XSS) vulnerability in OpenStack Dashboard (Horizon) 8.0.1 and earlier and 9.0.0 through 9.0.1 allows remote authenticated users to inject arbitrary web script or HTML by injecting an AngularJS template in a dashboard form.
2092 CVE-2016-4302 119 Exec Code Overflow 2016-09-21 2017-11-04
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.
2093 CVE-2016-4300 190 Exec Code Overflow 2016-09-21 2017-11-04
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large number of substreams, which triggers a heap-based buffer overflow.
2094 CVE-2016-4286 284 Bypass 2016-10-13 2019-05-16
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to bypass intended access restrictions via unspecified vectors.
2095 CVE-2016-4273 119 DoS Exec Code Overflow Mem. Corr. 2016-10-13 2019-08-19
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
2096 CVE-2016-4171 Exec Code 2016-06-16 2021-11-26
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016.
2097 CVE-2016-4166 2016-06-16 2018-10-12
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
2098 CVE-2016-4156 2016-06-16 2021-11-19
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
2099 CVE-2016-4155 2016-06-16 2021-11-19
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
2100 CVE-2016-4154 2016-06-16 2021-11-19
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Total number of vulnerabilities : 3974   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 (This Page)43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.