CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Redhat : Security Vulnerabilities (CVSS score between 2 and 2.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
251 CVE-2009-5066 255 2012-08-13 2015-01-18
2.1
None Local Low Not required Partial None None
twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier accepts credentials as command-line arguments, which allows local users to read the credentials by listing the process and its arguments.
252 CVE-2009-3554 200 +Info 2009-12-15 2017-08-17
2.1
None Local Low Not required Partial None None
Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by reading this file.
253 CVE-2009-3552 295 2019-11-09 2019-11-12
2.9
None Local Network Medium Not required None Partial None
In RHEV-M VDC 2.2.0, it was found that the SSL certificate was not verified when using the client-side Red Hat Enterprise Virtualization Manager interface (a Windows Presentation Foundation (WPF) XAML browser application) to connect to the Red Hat Enterprise Virtualization Manager. An attacker on the local network could use this flaw to conduct a man-in-the-middle attack, tricking the user into thinking they are viewing the Red Hat Enterprise Virtualization Manager when the content is actually attacker-controlled, or modifying actions a user requested Red Hat Enterprise Virtualization Manager to perform.
254 CVE-2009-3228 909 +Info 2009-10-19 2020-08-13
2.1
None Local Low Not required Partial None None
The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors.
255 CVE-2009-2910 200 +Info 2009-10-20 2020-08-07
2.1
None Local Low Not required Partial None None
arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode.
256 CVE-2008-3272 200 +Info 2008-08-08 2020-07-31
2.1
None Local Low Not required Partial None None
The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information.
257 CVE-2008-3270 310 DoS 2008-08-18 2017-09-29
2.6
None Remote High Not required None Partial None
yum-rhn-plugin in Red Hat Enterprise Linux (RHEL) 5 does not verify the SSL certificate for a file download from a Red Hat Network (RHN) server, which makes it easier for remote man-in-the-middle attackers to cause a denial of service (loss of updates) or force the download and installation of official Red Hat packages that were not requested.
258 CVE-2008-2368 255 2009-01-20 2017-08-08
2.1
None Local Low Not required Partial None None
Red Hat Certificate System 7.2 stores passwords in cleartext in the UserDirEnrollment log, the RA wizard installer log, and unspecified other debug log files, and uses weak permissions for these files, which allows local users to discover passwords by reading the files.
259 CVE-2008-2367 264 2009-01-20 2017-08-08
2.1
None Local Low Not required Partial None None
Red Hat Certificate System 7.2 uses world-readable permissions for password.conf and unspecified other configuration files, which allows local users to discover passwords by reading these files.
260 CVE-2008-1945 2008-08-08 2020-12-16
2.1
None Local Low Not required Partial None None
QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004.
261 CVE-2007-6206 200 +Info 2007-12-04 2020-08-12
2.1
None Local Low Not required Partial None None
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information.
262 CVE-2007-6131 16 2007-11-26 2011-03-08
2.1
None Local Low Not required None Partial None
buttonpressed.sh in scanbuttond 0.2.3 allows local users to overwrite arbitrary files via a symlink attack on the (1) scan.pnm and (2) scan.jpg temporary files.
263 CVE-2007-3379 DoS 2007-09-17 2017-10-11
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in the kernel in Red Hat Enterprise Linux (RHEL) 4 on the x86_64 platform allows local users to cause a denial of service (OOPS) via unspecified vectors related to the get_gate_vma function and the fuser command.
264 CVE-2007-3099 DoS 2007-06-14 2017-10-11
2.1
None Local Low Not required None None Partial
usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or iSCSI connection loss).
265 CVE-2006-3813 2006-08-11 2017-10-11
2.1
None Local Low Not required None Partial None
A regression error in the Perl package for Red Hat Enterprise Linux 4 omits the patch for CVE-2005-0155, which allows local users to overwrite arbitrary files with debugging information.
266 CVE-2005-2104 +Info 2005-10-07 2017-10-11
2.1
None Local Low Not required Partial None None
sysreport before 1.3.7 allows local users to obtain sensitive information via a symlink attack on a temporary directory.
267 CVE-2005-2100 DoS 2005-10-25 2017-10-11
2.1
None Local Low Not required None None Partial
The rw_vm function in usercopy.c in the 4GB split patch for the Linux kernel in Red Hat Enterprise Linux 4 does not perform proper bounds checking, which allows local users to cause a denial of service (crash).
268 CVE-2005-1918 22 Dir. Trav. 2005-12-31 2018-10-19
2.6
None Remote High Not required None Partial None
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/".
269 CVE-2005-1038 2005-05-02 2017-10-11
2.1
None Local Low Not required Partial None None
crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235.
270 CVE-2005-0757 DoS 2005-05-18 2017-10-11
2.1
None Local Low Not required None None Partial
The xattr file system code, as backported in Red Hat Enterprise Linux 3 on 64-bit systems, does not properly handle certain offsets, which allows local users to cause a denial of service (system crash) via certain actions on an ext3 file system with extended attributes enabled.
271 CVE-2005-0736 Overflow 2005-03-09 2018-10-03
2.1
None Local Low Not required None Partial None
Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.
272 CVE-2005-0207 DoS 2005-05-02 2017-10-11
2.1
None Local Low Not required None None Partial
Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.
273 CVE-2005-0156 Exec Code Overflow 2005-02-07 2018-08-13
2.1
None Local Low Not required None Partial None
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
274 CVE-2005-0092 DoS 2005-02-19 2017-10-11
2.1
None Local Low Not required None None Partial
Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when running on x86 with the hugemem kernel, allows local users to cause a denial of service (crash).
275 CVE-2005-0090 DoS 2005-05-02 2017-10-11
2.1
None Local Low Not required None None Partial
A regression error in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch omits an "access check," which allows local users to cause a denial of service (crash).
276 CVE-2005-0077 2005-05-02 2018-10-19
2.1
None Local Low Not required None Partial None
The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.
277 CVE-2005-0003 DoS Exec Code 2005-04-14 2017-10-11
2.1
None Local Low Not required None None Partial
The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.
278 CVE-2004-1335 DoS 2004-12-15 2017-10-11
2.1
None Local Low Not required None None Partial
Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.
279 CVE-2004-1334 DoS Overflow 2004-12-15 2017-07-11
2.1
None Local Low Not required None None Partial
Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow.
280 CVE-2004-1333 DoS Overflow 2004-12-15 2018-10-03
2.1
None Local Low Not required None None Partial
Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.
281 CVE-2004-1270 2005-01-10 2018-10-03
2.1
None Local Low Not required None Partial None
lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message.
282 CVE-2004-1268 2005-01-10 2018-10-03
2.1
None Local Low Not required None Partial None
lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors.
283 CVE-2004-1237 DoS 2005-04-14 2017-10-11
2.1
None Local Low Not required None None Partial
Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors.
284 CVE-2004-1171 2005-01-10 2017-07-11
2.1
None Local Low Not required Partial None None
KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares.
285 CVE-2004-1074 DoS 2005-01-10 2017-10-11
2.1
None Local Low Not required None None Partial
The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary.
286 CVE-2004-1073 2005-01-10 2017-10-11
2.1
None Local Low Not required Partial None None
The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.
287 CVE-2004-0977 2005-02-09 2017-10-11
2.1
None Local Low Not required None Partial None
The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.
288 CVE-2004-0974 2005-02-09 2017-07-11
2.1
None Local Low Not required None Partial None
The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
289 CVE-2004-0968 2005-02-09 2017-10-11
2.1
None Local Low Not required None Partial None
The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files.
290 CVE-2004-0812 DoS Exec Code 2005-04-14 2017-10-11
2.1
None Local Low Not required None None Partial
Unknown vulnerability in the Linux kernel before 2.4.23, on the AMD AMD64 and Intel EM64T architectures, associated with "setting up TSS limits," allows local users to cause a denial of service (crash) and possibly execute arbitrary code.
291 CVE-2004-0587 DoS 2004-08-06 2017-10-11
2.1
None Local Low Not required None None Partial
Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.
292 CVE-2004-0554 DoS 2004-08-06 2017-10-11
2.1
None Local Low Not required None None Partial
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
293 CVE-2004-0497 2004-12-06 2017-10-11
2.1
None Local Low Not required None Partial None
Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
294 CVE-2004-0491 2004-12-31 2017-10-11
2.1
None Local Low Not required None Partial None
The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit.
295 CVE-2004-0415 2004-11-23 2017-10-11
2.1
None Local Low Not required Partial None None
Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory.
296 CVE-2003-1295 2003-12-31 2008-09-05
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password."
297 CVE-2003-0547 2003-08-27 2017-10-11
2.1
None Local Low Not required Partial None None
GDM before 2.4.1.6, when using the "examine session errors" feature, allows local users to read arbitrary files via a symlink attack on the ~/.xsession-errors file.
298 CVE-2003-0461 +Info 2003-08-27 2017-10-11
2.1
None Local Low Not required Partial None None
/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.
299 CVE-2002-1890 2002-12-31 2008-09-05
2.1
None Local Low Not required None Partial None
rhmask 1.0-9 in Red Hat Linux 7.1 allows local users to overwrite arbitrary files via a symlink attack on the mask file.
300 CVE-2002-0080 269 2002-03-15 2020-11-16
2.1
None Local Low Not required Partial None None
rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed.
Total number of vulnerabilities : 320   Page : 1 2 3 4 5 6 (This Page)7
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.