Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux Server
Total 1910 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-2375 3 Mariadb, Oracle, Redhat 7 Mariadb, Mysql, Enterprise Linux Desktop and 4 more 2024-11-21 6.5 MEDIUM N/A
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2013-1896 4 Apache, Canonical, Opensuse and 1 more 10 Http Server, Ubuntu Linux, Opensuse and 7 more 2024-11-21 4.3 MEDIUM N/A
mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
CVE-2013-1862 5 Apache, Canonical, Opensuse and 2 more 11 Http Server, Ubuntu Linux, Opensuse and 8 more 2024-11-21 5.1 MEDIUM N/A
mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
CVE-2013-1690 6 Canonical, Debian, Mozilla and 3 more 15 Ubuntu Linux, Debian Linux, Firefox and 12 more 2024-11-21 9.3 HIGH 8.8 HIGH
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location.
CVE-2013-1675 5 Canonical, Debian, Mozilla and 2 more 18 Ubuntu Linux, Debian Linux, Firefox and 15 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.
CVE-2013-1620 4 Canonical, Mozilla, Oracle and 1 more 15 Ubuntu Linux, Network Security Services, Enterprise Manager Ops Center and 12 more 2024-11-21 4.3 MEDIUM N/A
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
CVE-2013-1555 3 Mariadb, Oracle, Redhat 7 Mariadb, Mysql, Enterprise Linux Desktop and 4 more 2024-11-21 4.0 MEDIUM N/A
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and 5.5.29 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
CVE-2013-1552 3 Mariadb, Oracle, Redhat 7 Mariadb, Mysql, Enterprise Linux Desktop and 4 more 2024-11-21 6.5 MEDIUM N/A
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2013-1548 3 Mariadb, Oracle, Redhat 6 Mariadb, Mysql, Enterprise Linux Desktop and 3 more 2024-11-21 3.5 LOW N/A
Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Types.
CVE-2013-1544 3 Mariadb, Oracle, Redhat 7 Mariadb, Mysql, Enterprise Linux Desktop and 4 more 2024-11-21 4.0 MEDIUM N/A
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
CVE-2013-1532 3 Mariadb, Oracle, Redhat 7 Mariadb, Mysql, Enterprise Linux Desktop and 4 more 2024-11-21 4.0 MEDIUM N/A
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Information Schema.
CVE-2013-1531 3 Mariadb, Oracle, Redhat 7 Mariadb, Mysql, Enterprise Linux Desktop and 4 more 2024-11-21 6.5 MEDIUM N/A
Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Privileges.
CVE-2013-1521 3 Mariadb, Oracle, Redhat 7 Mariadb, Mysql, Enterprise Linux Desktop and 4 more 2024-11-21 6.5 MEDIUM N/A
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Locking.
CVE-2013-1506 3 Mariadb, Oracle, Redhat 7 Mariadb, Mysql, Enterprise Linux Desktop and 4 more 2024-11-21 2.8 LOW N/A
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.
CVE-2013-1416 4 Fedoraproject, Mit, Opensuse and 1 more 8 Fedora, Kerberos 5, Opensuse and 5 more 2024-11-21 4.0 MEDIUM N/A
The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request.
CVE-2013-0791 4 Canonical, Mozilla, Oracle and 1 more 12 Ubuntu Linux, Firefox, Network Security Services and 9 more 2024-11-21 5.0 MEDIUM N/A
The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate.
CVE-2013-0783 5 Canonical, Debian, Mozilla and 2 more 12 Ubuntu Linux, Debian Linux, Firefox and 9 more 2024-11-21 9.3 HIGH N/A
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2013-0782 5 Canonical, Debian, Mozilla and 2 more 12 Ubuntu Linux, Debian Linux, Firefox and 9 more 2024-11-21 9.3 HIGH N/A
Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2013-0780 5 Canonical, Debian, Mozilla and 2 more 12 Ubuntu Linux, Debian Linux, Firefox and 9 more 2024-11-21 9.3 HIGH N/A
Use-after-free vulnerability in the nsOverflowContinuationTracker::Finish function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document that uses Cascading Style Sheets (CSS) -moz-column-* properties.
CVE-2013-0776 5 Canonical, Debian, Mozilla and 2 more 12 Ubuntu Linux, Debian Linux, Firefox and 9 more 2024-11-21 4.0 MEDIUM N/A
Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web script, as demonstrated by a phishing attack on an HTTPS site.