VYPR

Vendor CVEs

Red Hat

All CVEs

3,692 total · sorted by risk
  • CVE-2013-0648HigKEVFeb 27, 2013
    risk 0.70cvss 8.8epss 0.11

    Unspecified vulnerability in the ExternalInterface ActionScript functionality in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows remote attackers to execute arbitrary…

  • CVE-2013-0643HigKEVFeb 27, 2013
    risk 0.70cvss 8.8epss 0.11

    The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attackers to execute arbitrary…

  • CVE-2017-11282CriDec 1, 2017
    risk 0.69cvss 9.8epss 0.35

    Adobe Flash Player has an exploitable memory corruption vulnerability in the MP4 atom parser. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.

  • CVE-2017-11281CriDec 1, 2017
    risk 0.69cvss 9.8epss 0.34

    Adobe Flash Player has an exploitable memory corruption vulnerability in the text handling function. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.

  • CVE-2017-12617HigKEVOct 4, 2017
    risk 0.69cvss 8.1epss 1.00

    When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via…

  • CVE-2016-4138CriJun 16, 2016
    risk 0.69cvss 9.8epss 0.25

    Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

  • CVE-2002-0083CriMar 15, 2002
    risk 0.68cvss 9.8epss 0.15

    Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.

  • CVE-2017-12629CriOct 14, 2017
    risk 0.67cvss 9.8epss 0.92

    Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note…

  • CVE-2017-11610HigAug 23, 2017
    risk 0.67cvss 8.8epss 0.88

    The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups.

  • CVE-2015-8103CriNov 25, 2015
    risk 0.67cvss 9.8epss 0.87

    The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to execute arbitrary code via a crafted serialized Java object, related to a problematic webapps/ROOT/WEB-INF/lib/commons-collections-*.jar file and the "Groovy variant in…

  • CVE-2010-3904HigKEVDec 6, 2010
    risk 0.67cvss 7.8epss 0.11

    The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the…

  • CVE-1999-0043CriDec 4, 1996
    risk 0.67cvss 9.8epss 0.45

    Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.

  • CVE-2017-17405HigDec 15, 2017
    risk 0.66cvss 8.8epss 0.74

    Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernel#open to open a local file. If the localfile argument starts with the "|" pipe character, the command following the pipe character is…

  • CVE-2017-7504CriMay 19, 2017
    risk 0.66cvss 9.8epss 0.29

    HTTPServerILServlet.java in JMS over HTTP Invocation Layer of the JbossMQ implementation, which is enabled by default in Red Hat Jboss Application Server <= Jboss 4.X does not restrict the classes for which it performs deserialization, which allows remote attackers to execute…

  • CVE-2023-44487HigKEVOct 10, 2023
    risk 0.65cvss 7.5epss 1.00

    The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

  • CVE-2017-3167CriJun 20, 2017
    risk 0.65cvss 9.8epss 0.20

    In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.

  • CVE-2016-1908CriApr 11, 2017
    risk 0.65cvss 9.8epss 0.14

    The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging…

  • CVE-2016-6330CriSep 27, 2016
    risk 0.65cvss 9.8epss 0.11

    The server in Red Hat JBoss Operations Network (JON), when SSL authentication is not configured for JON server / agent communication, allows remote attackers to execute arbitrary code via a crafted HTTP request, related to message deserialization. NOTE: this vulnerability…

  • CVE-2015-4643CriMay 16, 2016
    risk 0.65cvss 9.8epss 0.17

    Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. NOTE: this…

  • CVE-2015-4603CriMay 16, 2016
    risk 0.65cvss 9.8epss 0.11

    The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a "type confusion" issue.

  • CVE-2015-4602CriMay 16, 2016
    risk 0.65cvss 9.8epss 0.11

    The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type,…

  • CVE-2015-4600CriMay 16, 2016
    risk 0.65cvss 9.8epss 0.11

    The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in the (1)…

  • CVE-2015-4599CriMay 16, 2016
    risk 0.65cvss 9.8epss 0.11

    The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data…

  • CVE-2016-0639CriApr 21, 2016
    risk 0.65cvss 9.8epss 0.10

    Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Pluggable Authentication.

  • CVE-2015-7545CriApr 13, 2016
    risk 0.65cvss 9.8epss 0.20

    The (1) git-remote-ext and (2) unspecified other remote helper programs in Git before 2.3.10, 2.4.x before 2.4.10, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 do not properly restrict the allowed protocols, which might allow remote attackers to execute arbitrary code via a URL in…

  • CVE-2015-8668CriJan 8, 2016
    risk 0.65cvss 9.8epss 0.14

    Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image.

  • CVE-2014-0130HigKEVMay 7, 2014
    risk 0.65cvss 7.5epss 0.54

    Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to…

  • CVE-2013-6671CriDec 11, 2013
    risk 0.65cvss 9.8epss 0.11

    The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.

  • CVE-2013-5618CriDec 11, 2013
    risk 0.65cvss 9.8epss 0.10

    Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute…

  • CVE-2013-0641HigKEVFeb 14, 2013
    risk 0.65cvss 7.8epss 0.32

    Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allows remote attackers to execute arbitrary code via a crafted PDF document, as exploited in the wild in February 2013.

  • CVE-2024-47516CriMar 26, 2025
    risk 0.64cvss 9.8epss 0.01

    A vulnerability was found in Pagure. An argument injection in Git during retrieval of the repository history leads to remote code execution on the Pagure instance.

  • CVE-2024-6387HigJul 1, 2024
    risk 0.64cvss 8.1epss 1.00

    A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time…

  • CVE-2018-10870CriJul 19, 2018
    risk 0.64cvss 9.8epss 0.06

    redhat-certification does not properly sanitize paths in rhcertStore.py:__saveResultsFile. A remote attacker could use this flaw to overwrite any file, potentially gaining remote code execution.

  • CVE-2011-4973CriFeb 15, 2018
    risk 0.64cvss 9.8epss 0.01

    Authentication bypass vulnerability in mod_nss 1.0.8 allows remote attackers to assume the identity of a valid user by using their certificate and entering 'password' as the password.

  • CVE-2017-3114CriDec 9, 2017
    risk 0.64cvss 9.8epss 0.06

    An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of providing language- and region- or country- specific…

  • CVE-2017-3112CriDec 9, 2017
    risk 0.64cvss 9.8epss 0.06

    An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of AdobePSDK metadata. The use of an invalid (out-of-range)…

  • CVE-2017-11225CriDec 9, 2017
    risk 0.64cvss 9.8epss 0.06

    An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK metadata functionality. The mismatch between an old and a new object can provide an attacker with unintended…

  • CVE-2017-11215CriDec 9, 2017
    risk 0.64cvss 9.8epss 0.06

    An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK. The mismatch between an old and a new object can provide an attacker with unintended memory access --…

  • CVE-2017-11213CriDec 9, 2017
    risk 0.64cvss 9.8epss 0.07

    An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer due to an integer overflow; the computation is part of the abstraction that creates an…

  • CVE-2017-10906CriDec 8, 2017
    risk 0.64cvss 9.8epss 0.05

    Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors.

  • CVE-2017-14746CriNov 27, 2017
    risk 0.64cvss 9.8epss 0.10

    Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request.

  • CVE-2017-1000116CriOct 5, 2017
    risk 0.64cvss 9.8epss 0.06

    Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks.

  • CVE-2017-7552CriSep 29, 2017
    risk 0.64cvss 9.8epss 0.01

    A flaw was discovered in the file editor of millicore, affecting versions before 3.19.0 and 4.x before 4.5.0, which allows files to be executed as well as created. An attacker could use this flaw to compromise other users or teams projects stored in source control management of…

  • CVE-2014-8174CriSep 19, 2017
    risk 0.64cvss 9.8epss 0.03

    eDeploy makes it easier for remote attackers to execute arbitrary code by leveraging use of HTTP to download files.

  • CVE-2017-13688CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().

  • CVE-2017-13053CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().

  • CVE-2017-13050CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.05

    The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().

  • CVE-2017-13044CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print().

  • CVE-2017-13036CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().

  • CVE-2017-13020CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().

Page 2 of 74