Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux Desktop
Total 1947 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-1000805 4 Canonical, Debian, Paramiko and 1 more 11 Ubuntu Linux, Debian Linux, Paramiko and 8 more 2024-11-21 6.5 MEDIUM 8.8 HIGH
Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.
CVE-2018-1000301 5 Canonical, Debian, Haxx and 2 more 9 Ubuntu Linux, Debian Linux, Curl and 6 more 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have been fixed in curl < 7.20.0 and curl >= 7.60.0.
CVE-2018-1000199 4 Canonical, Debian, Linux and 1 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2024-11-21 4.9 MEDIUM 5.5 MEDIUM
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.
CVE-2018-1000156 4 Canonical, Debian, Gnu and 1 more 9 Ubuntu Linux, Debian Linux, Patch and 6 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time.
CVE-2018-1000140 4 Canonical, Debian, Redhat and 1 more 9 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 6 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to rsyslog and trigger a stack buffer overflow by sending a specially crafted x509 certificate.
CVE-2018-1000122 5 Canonical, Debian, Haxx and 2 more 9 Ubuntu Linux, Debian Linux, Curl and 6 more 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage
CVE-2018-1000121 5 Canonical, Debian, Haxx and 2 more 9 Ubuntu Linux, Debian Linux, Curl and 6 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service
CVE-2018-1000120 5 Canonical, Debian, Haxx and 2 more 9 Ubuntu Linux, Debian Linux, Curl and 6 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.
CVE-2018-1000026 4 Canonical, Debian, Linux and 1 more 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more 2024-11-21 6.8 MEDIUM 7.7 HIGH
Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM..
CVE-2018-1000007 5 Canonical, Debian, Fujitsu and 2 more 20 Ubuntu Linux, Debian Linux, M10-1 and 17 more 2024-11-21 5.0 MEDIUM 9.8 CRITICAL
libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequent hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using client's request.
CVE-2018-1000001 3 Canonical, Gnu, Redhat 9 Ubuntu Linux, Glibc, Enterprise Linux Desktop and 6 more 2024-11-21 7.2 HIGH 7.8 HIGH
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
CVE-2018-0495 5 Canonical, Debian, Gnupg and 2 more 8 Ubuntu Linux, Debian Linux, Libgcrypt and 5 more 2024-11-21 1.9 LOW 4.7 MEDIUM
Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
CVE-2018-0494 4 Canonical, Debian, Gnu and 1 more 6 Ubuntu Linux, Debian Linux, Wget and 3 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.
CVE-2017-9788 6 Apache, Apple, Debian and 3 more 16 Http Server, Mac Os X, Debian Linux and 13 more 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.
CVE-2017-9776 3 Debian, Freedesktop, Redhat 8 Debian Linux, Poppler, Enterprise Linux Desktop and 5 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.
CVE-2017-9775 3 Debian, Freedesktop, Redhat 8 Debian Linux, Poppler, Enterprise Linux Desktop and 5 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document.
CVE-2017-9462 3 Debian, Mercurial, Redhat 8 Debian Linux, Mercurial, Enterprise Linux Desktop and 5 more 2024-11-21 9.0 HIGH 8.8 HIGH
In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name.
CVE-2017-9461 3 Debian, Redhat, Samba 8 Debian Linux, Enterprise Linux Desktop, Enterprise Linux Server and 5 more 2024-11-21 6.8 MEDIUM 6.5 MEDIUM
smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks.
CVE-2017-9287 5 Debian, Mcafee, Openldap and 2 more 10 Debian Linux, Policy Auditor, Openldap and 7 more 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0.
CVE-2017-8291 3 Artifex, Debian, Redhat 8 Ghostscript, Debian Linux, Enterprise Linux Desktop and 5 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.