Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux Server
Total 1910 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-12615 4 Apache, Microsoft, Netapp and 1 more 23 Tomcat, Windows, 7-mode Transition Tool and 20 more 2024-11-21 6.8 MEDIUM 8.1 HIGH
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
CVE-2017-12613 3 Apache, Debian, Redhat 11 Portable Runtime, Debian Linux, Enterprise Linux Desktop and 8 more 2024-11-21 3.6 LOW 7.1 HIGH
When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a different static heap value or resulting in program termination, and may represent an information disclosure or denial of service vulnerability to applications which call these APR functions with unvalidated external input.
CVE-2017-12173 2 Fedoraproject, Redhat 6 Sssd, Enterprise Linux Desktop, Enterprise Linux Server and 3 more 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it.
CVE-2017-12171 2 Apache, Redhat 5 Http Server, Enterprise Linux, Enterprise Linux Desktop and 2 more 2024-11-21 6.4 MEDIUM 6.5 MEDIUM
A regression was found in the Red Hat Enterprise Linux 6.9 version of httpd 2.2.15-60, causing comments in the "Allow" and "Deny" configuration lines to be parsed incorrectly. A web administrator could unintentionally allow any client to access a restricted HTTP resource.
CVE-2017-12163 3 Debian, Redhat, Samba 7 Debian Linux, Enterprise Linux, Enterprise Linux Desktop and 4 more 2024-11-21 4.8 MEDIUM 4.1 MEDIUM
An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker.
CVE-2017-12159 2 Keycloak, Redhat 3 Keycloak, Enterprise Linux Server, Single Sign On 2024-11-21 5.0 MEDIUM 7.5 HIGH
It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session. An attacker could use this flaw to gain access to an authenticated user session, leading to possible information disclosure or further attacks.
CVE-2017-12158 2 Keycloak, Redhat 3 Keycloak, Enterprise Linux Server, Single Sign On 2024-11-21 3.5 LOW 5.4 MEDIUM
It was found that Keycloak would accept a HOST header URL in the admin console and use it to determine web resource locations. An attacker could use this flaw against an authenticated user to attain reflected XSS via a malicious server.
CVE-2017-12150 3 Debian, Redhat, Samba 7 Debian Linux, Enterprise Linux, Enterprise Linux Desktop and 4 more 2024-11-21 5.8 MEDIUM 7.4 HIGH
It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
CVE-2017-11468 2 Docker, Redhat 2 Docker Registry, Enterprise Linux Server 2024-11-21 5.0 MEDIUM 7.5 HIGH
Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumption) via the manifest endpoint.
CVE-2017-11305 6 Adobe, Apple, Google and 3 more 11 Flash Player, Flash Player Desktop Runtime, Mac Os X and 8 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
A regression affecting Adobe Flash Player version 27.0.0.187 (and earlier versions) causes the unintended reset of the global settings preference file when a user clears browser data.
CVE-2017-11292 6 Adobe, Apple, Google and 3 more 11 Flash Player, Flash Player Desktop Runtime, Mac Os X and 8 more 2024-11-21 6.0 MEDIUM 8.8 HIGH
Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution.
CVE-2017-11282 6 Adobe, Apple, Google and 3 more 10 Flash Player, Macos, Chrome Os and 7 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
Adobe Flash Player has an exploitable memory corruption vulnerability in the MP4 atom parser. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.
CVE-2017-11281 6 Adobe, Apple, Google and 3 more 10 Flash Player, Macos, Chrome Os and 7 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
Adobe Flash Player has an exploitable memory corruption vulnerability in the text handling function. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.
CVE-2017-11225 6 Adobe, Apple, Google and 3 more 10 Flash Player, Macos, Chrome Os and 7 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK metadata functionality. The mismatch between an old and a new object can provide an attacker with unintended memory access -- potentially leading to code corruption, control-flow hijack, or an information leak attack. Successful exploitation could lead to arbitrary code execution.
CVE-2017-11215 6 Adobe, Apple, Google and 3 more 10 Flash Player, Macos, Chrome Os and 7 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK. The mismatch between an old and a new object can provide an attacker with unintended memory access -- potentially leading to code corruption, control-flow hijack, or an information leak attack. Successful exploitation could lead to arbitrary code execution.
CVE-2017-11213 6 Adobe, Apple, Google and 3 more 10 Flash Player, Macos, Chrome Os and 7 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer due to an integer overflow; the computation is part of the abstraction that creates an arbitrarily sized transparent or opaque bitmap image. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.
CVE-2017-10978 3 Debian, Freeradius, Redhat 8 Debian Linux, Freeradius, Enterprise Linux Desktop and 5 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service.
CVE-2017-10664 3 Debian, Qemu, Redhat 11 Debian Linux, Qemu, Enterprise Linux and 8 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.
CVE-2017-10388 4 Debian, Netapp, Oracle and 1 more 29 Debian Linux, Active Iq Unified Manager, Cloud Backup and 26 more 2024-11-21 5.1 MEDIUM 7.5 HIGH
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: Applies to the Java SE Kerberos client. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).
CVE-2017-10384 5 Debian, Mariadb, Netapp and 2 more 17 Debian Linux, Mariadb, Active Iq Unified Manager and 14 more 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier 5.6.37 and earlier 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).