CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Redhat : Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
351 CVE-2017-12160 287 2017-10-26 2020-08-19
6.5
None Remote Low ??? Partial Partial Partial
It was found that Keycloak oauth would permit an authenticated resource to obtain an access/refresh token pair from the authentication server, permitting indefinite usage in the case of permission revocation. An attacker on an already compromised resource could use this flaw to grant himself continued permissions and possibly conduct further attacks.
352 CVE-2017-9788 200 DoS +Info 2017-07-13 2021-06-06
6.4
None Remote Low Not required Partial None Partial
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.
353 CVE-2017-9776 190 DoS Overflow 2017-06-22 2019-03-12
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.
354 CVE-2017-9461 835 DoS 2017-06-06 2019-10-03
6.8
None Remote Low ??? None None Complete
smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks.
355 CVE-2017-7846 74 2018-06-11 2018-08-07
6.8
None Remote Medium Not required Partial Partial Partial
It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. via "View -> Feed article -> Website" or in the standard format of "View -> Feed article -> default format". This vulnerability affects Thunderbird < 52.5.2.
356 CVE-2017-7814 20 Bypass 2018-06-11 2018-08-06
6.8
None Remote Medium Not required Partial Partial Partial
File downloads encoded with "blob:" and "data:" URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block lists of suspicious sites and files. This would allow malicious sites to lure users into downloading executables that would otherwise be detected as suspicious. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
357 CVE-2017-7798 94 Exec Code 2018-06-11 2018-08-09
6.8
None Remote Medium Not required Partial Partial Partial
The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. This vulnerability affects Firefox ESR < 52.3 and Firefox < 55.
358 CVE-2017-7758 125 2018-06-11 2018-08-03
6.4
None Remote Low Not required Partial None Partial
An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
359 CVE-2017-7753 125 2018-06-11 2018-08-03
6.4
None Remote Low Not required Partial None Partial
An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
360 CVE-2017-7752 416 2018-06-11 2018-08-03
6.8
None Remote Medium Not required Partial Partial Partial
A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
361 CVE-2017-7553 918 2017-09-29 2017-12-31
6.5
None Remote Low ??? Partial Partial Partial
The external_request api call in App Studio (millicore) allows server side request forgery (SSRF). An attacker could use this flaw to probe the network internal resources, and access restricted endpoints.
362 CVE-2017-7530 2018-07-26 2019-10-09
6.5
None Remote Low ??? Partial Partial Partial
In CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1, it was found that privilege check is missing when invoking arbitrary methods via filtering on VMs that MiqExpression will execute that is triggerable by API users. An attacker could use this to execute actions they should not be allowed to (e.g. destroying VMs).
363 CVE-2017-7000 119 DoS Exec Code Overflow Mem. Corr. 2018-04-03 2018-04-27
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
364 CVE-2017-5465 125 2018-06-11 2018-08-07
6.4
None Remote Low Not required Partial None Partial
An out-of-bounds read while processing SVG content in "ConvolvePixel". This results in a crash and also allows for otherwise inaccessible memory being copied into SVG graphic content, which could then displayed. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
365 CVE-2017-5447 416 2018-06-11 2018-08-07
6.4
None Remote Low Not required Partial None Partial
An out-of-bounds read during the processing of glyph widths during text layout. This results in a potentially exploitable crash and could allow an attacker to read otherwise inaccessible memory. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
366 CVE-2017-5436 787 2018-06-11 2018-08-07
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
367 CVE-2017-5333 190 DoS Exec Code Overflow 2019-11-04 2019-11-07
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.
368 CVE-2017-5332 119 DoS Exec Code Overflow 2019-11-04 2019-11-06
6.8
None Remote Medium Not required Partial Partial Partial
The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.
369 CVE-2017-5208 190 DoS Exec Code Overflow Mem. Corr. 2017-08-22 2019-03-20
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of service (application crash) or the possibility of execution of arbitrary code.
370 CVE-2017-3600 2017-04-24 2019-10-03
6.0
None Remote Medium ??? Partial Partial Partial
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. Note: CVE-2017-3600 is equivalent to CVE-2016-5483. CVSS 3.0 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).
371 CVE-2017-2673 863 2018-07-19 2021-08-04
6.5
None Remote Low ??? Partial Partial Partial
An authorization-check flaw was discovered in federation configurations of the OpenStack Identity service (keystone). An authenticated federated user could request permissions to a project and unintentionally be granted all related roles including administrative roles.
372 CVE-2017-2666 444 XSS +Info 2018-07-27 2019-10-09
6.4
None Remote Low Not required Partial Partial None
It was discovered in Undertow that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own.
373 CVE-2017-2638 287 2018-07-16 2019-10-09
6.4
None Remote Low Not required Partial Partial None
It was found that the REST API in Infinispan before version 9.0.0 did not properly enforce auth constraints. An attacker could use this vulnerability to read or modify data in the default cache or a known cache name.
374 CVE-2017-2619 362 2018-03-12 2019-10-09
6.0
None Remote Medium ??? Partial Partial Partial
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.
375 CVE-2017-2589 2018-07-26 2019-10-09
6.0
None Remote Medium ??? Partial Partial Partial
It was discovered that the hawtio servlet 1.4 uses a single HttpClient instance to proxy requests with a persistent cookie store (cookies are stored locally and are not passed between the client and the end URL) which means all clients using that proxy are sharing the same cookies.
376 CVE-2017-0902 346 2017-08-31 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking vulnerability that allows a MITM attacker to force the RubyGems client to download and install gems from a server that the attacker controls.
377 CVE-2017-0901 20 2017-08-31 2019-10-09
6.4
None Remote Low Not required None Partial Partial
RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem.
378 CVE-2016-9905 284 2018-06-11 2018-08-09
6.8
None Remote Medium Not required Partial Partial Partial
A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. This vulnerability affects Firefox ESR < 45.6 and Thunderbird < 45.6.
379 CVE-2016-9651 94 Exec Code 2019-01-09 2019-01-16
6.8
None Remote Medium Not required Partial Partial Partial
A missing check for whether a property of a JS object is private in V8 in Google Chrome prior to 55.0.2883.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
380 CVE-2016-9606 20 Exec Code 2018-03-09 2018-10-12
6.8
None Remote Medium Not required Partial Partial Partial
JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions.
381 CVE-2016-9599 284 2018-04-24 2021-08-04
6.0
None Remote Medium ??? Partial Partial Partial
puppet-tripleo before versions 5.5.0, 6.2.0 is vulnerable to an access-control flaw in the IPtables rules management, which allowed the creation of TCP/UDP rules with empty port values. If SSL is enabled, a malicious user could use these open ports to gain access to unauthorized resources.
382 CVE-2016-9583 125 2018-08-01 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input.
383 CVE-2016-9577 119 Exec Code Overflow 2018-07-27 2019-10-09
6.5
None Remote Low ??? Partial Partial Partial
A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution.
384 CVE-2016-9560 787 Overflow 2017-02-15 2021-03-15
6.8
None Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image.
385 CVE-2016-8654 119 Overflow 2018-08-01 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are affected.
386 CVE-2016-8648 502 Exec Code 2018-08-01 2019-10-09
6.5
None Remote Low ??? Partial Partial Partial
It was found that the Karaf container used by Red Hat JBoss Fuse 6.x, and Red Hat JBoss A-MQ 6.x, deserializes objects passed to MBeans via JMX operations. An attacker could use this flaw to execute remote code on the server as the user running the Java Virtual Machine if the target MBean contain deserialization gadgets in its classpath.
387 CVE-2016-8626 20 DoS 2018-07-31 2019-10-09
6.8
None Remote Low ??? None None Complete
A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker to launch a denial of service attack by sending null or specially crafted POST object requests.
388 CVE-2016-7075 295 Bypass 2018-09-10 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name fields. An attacker could use this flaw to bypass authentication requirements by using a specially crafted X.509 certificate.
389 CVE-2016-7065 502 DoS Exec Code 2016-10-13 2016-12-23
6.5
None Remote Low ??? Partial Partial Partial
The JMX servlet in Red Hat JBoss Enterprise Application Platform (EAP) 4 and 5 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object.
390 CVE-2016-7041 22 Dir. Trav. Bypass 2018-09-10 2019-10-09
6.8
None Remote Low ??? Complete None None
Drools Workbench contains a path traversal vulnerability. The vulnerability allows a remote, authenticated attacker to bypass the directory restrictions and retrieve arbitrary files from the affected host.
391 CVE-2016-7034 352 Bypass CSRF 2016-09-07 2018-02-15
6.8
None Remote Medium Not required Partial Partial Partial
The dashbuilder in Red Hat JBoss BPM Suite 6.3.2 does not properly handle CSRF tokens generated during an active session and includes them in query strings, which makes easier for remote attackers to (1) bypass CSRF protection mechanisms or (2) conduct cross-site request forgery (CSRF) attacks by obtaining an old token.
392 CVE-2016-5766 190 DoS Overflow 2016-08-07 2019-04-22
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image.
393 CVE-2016-5422 264 +Priv 2016-09-07 2016-09-08
6.5
None Remote Low ??? Partial Partial Partial
The web console in Red Hat JBoss Operations Network (JON) before 3.3.7 does not properly authorize requests to add users with the super user role, which allows remote authenticated users to gain admin privileges via a crafted POST request.
394 CVE-2016-5401 352 CSRF 2017-04-20 2017-04-26
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web page.
395 CVE-2016-5392 200 +Info 2016-08-05 2016-08-05
6.8
None Remote Low ??? Complete None None
The API server in Kubernetes, as used in Red Hat OpenShift Enterprise 3.2, in a multi tenant environment allows remote authenticated users with knowledge of other project names to obtain sensitive project and user information via vectors related to the watch-cache list.
396 CVE-2016-5386 284 2016-07-19 2019-12-27
6.8
None Remote Medium Not required Partial Partial Partial
The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.
397 CVE-2016-5383 284 Exec Code 2016-08-26 2016-08-26
6.5
None Remote Low ??? Partial Partial Partial
The web UI in Red Hat CloudForms 4.1 allows remote authenticated users to execute arbitrary code via vectors involving "Lack of field filters."
398 CVE-2016-5314 787 DoS Overflow 2018-03-12 2018-04-05
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr.
399 CVE-2016-5177 416 DoS 2017-05-23 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors.
400 CVE-2016-5131 416 DoS 2016-07-23 2019-03-26
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.
Total number of vulnerabilities : 638   Page : 1 2 3 4 5 6 7 8 (This Page)9 10 11 12 13
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.