VYPR

Vendor CVEs

Red Hat

All CVEs

3,692 total · sorted by risk
  • CVE-2010-2526Aug 5, 2010
    risk 0.00cvss epss 0.01

    The cluster logical volume manager daemon (clvmd) in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System (GFS) and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service (daemon…

  • CVE-2010-2598Jul 2, 2010
    risk 0.00cvss epss 0.02

    LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 platforms, as used in tiff2rgba, attempts to process image data even when the required compression functionality is not configured, which allows remote attackers to cause a denial of service via a crafted TIFF image, related…

  • CVE-2010-2224Jun 24, 2010
    risk 0.00cvss epss 0.00

    The snapshot merging functionality in Red Hat Enterprise Virtualization Manager (aka RHEV-M) before 2.2 does not properly pass the postzero parameter during operations on deleted volumes, which allows guest OS users to obtain sensitive information by examining the disk blocks…

  • CVE-2010-2223Jun 24, 2010
    risk 0.00cvss epss 0.00

    Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 does not properly perform VM post-zeroing after the removal of a virtual machine's data, which allows guest OS users to obtain sensitive…

  • CVE-2010-2197Jun 8, 2010
    risk 0.00cvss epss 0.01

    rpmbuild in RPM 4.8.0 and earlier does not properly parse the syntax of spec files, which allows user-assisted remote attackers to remove home directories via vectors involving a ;~ (semicolon tilde) sequence in a Name tag.

  • CVE-2010-1439Jun 7, 2010
    risk 0.00cvss epss 0.00

    yum-rhn-plugin in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Enterprise Linux (RHEL) 5 and Fedora uses world-readable permissions for the /var/spool/up2date/loginAuth.pkl file, which allows local users to access the Red Hat Network profile, and possibly…

  • CVE-2010-0730May 12, 2010
    risk 0.00cvss epss 0.02

    The MMIO instruction decoder in the Xen hypervisor in the Linux kernel 2.6.18 in Red Hat Enterprise Linux (RHEL) 5 allows guest OS users to cause a denial of service (32-bit guest OS crash) via vectors that trigger an unspecified instruction emulation.

  • CVE-2010-0729Mar 16, 2010
    risk 0.00cvss epss 0.00

    A certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 4 on the ia64 platform allows local users to use ptrace on an arbitrary process, and consequently gain privileges, via vectors related to a missing ptrace_check_attach call.

  • CVE-2010-0727Mar 16, 2010
    risk 0.00cvss epss 0.01

    The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfs_lock function in the Linux kernel on Red Hat Enterprise Linux (RHEL) 5 and 6, does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows…

  • CVE-2010-0419Mar 5, 2010
    risk 0.00cvss epss 0.00

    The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing (SMP), does not properly restrict writing of segment selectors to segment registers, which might allow guest OS users to cause a denial of service (guest OS crash) or gain privileges on the…

  • CVE-2010-0306Feb 12, 2010
    risk 0.00cvss epss 0.00

    The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing (SMP), does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) to restrict instruction execution, which allows guest OS users to cause a denial of service (guest OS crash)…

  • CVE-2009-3556Jan 27, 2010
    risk 0.00cvss epss 0.00

    A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when N_Port ID Virtualization (NPIV) hardware is used, sets world-writable permissions for the (1) vport_create and (2) vport_delete files under…

  • CVE-2009-4133Dec 23, 2009
    risk 0.00cvss epss 0.02

    Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated users to queue jobs as an arbitrary user, and thereby gain privileges, by using a Condor command-line tool to modify an unspecified job…

  • CVE-2009-3554Dec 15, 2009
    risk 0.00cvss epss 0.00

    Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by…

  • CVE-2009-2405Dec 15, 2009
    risk 0.00cvss epss 0.03

    Multiple cross-site scripting (XSS) vulnerabilities in the Web Console in the Application Server in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2.0 before 4.2.0.CP08, 4.2.2GA, 4.3 before 4.3.0.CP07, and 5.1.0GA allow remote attackers to inject…

  • CVE-2009-1380Dec 15, 2009
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in JMX-Console in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 allows remote attackers to inject arbitrary web script or HTML via the filter parameter,…

  • CVE-2009-4033Dec 8, 2009
    risk 0.00cvss epss 0.00

    A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to the open function with insufficient arguments, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file, cause a denial of service by…

  • CVE-2009-3080Nov 20, 2009
    risk 0.00cvss epss 0.00

    Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.

  • CVE-2009-2911Oct 22, 2009
    risk 0.00cvss epss 0.00

    SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, (2)…

  • CVE-2009-2910Oct 20, 2009
    risk 0.00cvss epss 0.00

    arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode.

  • CVE-2009-3228Oct 19, 2009
    risk 0.00cvss epss 0.00

    The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users to obtain sensitive…

  • CVE-2009-2904Oct 1, 2009
    risk 0.00cvss epss 0.00

    A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the…

  • CVE-2009-2697Sep 4, 2009
    risk 0.00cvss epss 0.02

    The Red Hat build script for the GNOME Display Manager (GDM) before 2.16.0-56 on Red Hat Enterprise Linux (RHEL) 5 omits TCP Wrapper support, which might allow remote attackers to bypass intended access restrictions via XDMCP connections, a different vulnerability than…

  • CVE-2009-2848Aug 18, 2009
    risk 0.00cvss epss 0.01

    The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with…

  • CVE-2009-1896Aug 10, 2009
    risk 0.00cvss epss 0.03

    The Java Web Start framework in IcedTea in OpenJDK before 1.6.0.0-20.b16.fc10 on Fedora 10, and before 1.6.0.0-27.b16.fc11 on Fedora 11, trusts an entire application when at least one of the listed jar files is trusted, which allows context-dependent attackers to execute…

  • CVE-2009-1893Jul 17, 2009
    risk 0.00cvss epss 0.01

    The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the "dhcpd -t" command.

  • CVE-2009-0588May 27, 2009
    risk 0.00cvss epss 0.01

    agent/request/op.cgi in the Registration Authority (RA) component in Red Hat Certificate System (RHCS) 7.3 and Dogtag Certificate System allows remote authenticated users to approve certificate requests queued for arbitrary agent groups via a modified request ID field.

  • CVE-2009-1573May 6, 2009
    risk 0.00cvss epss 0.00

    xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie (MCOOKIE) on the command line, which allows local users to gain privileges by listing the process and its arguments.

  • CVE-2008-6560Mar 31, 2009
    risk 0.00cvss epss 0.02

    Buffer overflow in CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9 and Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of service (CPU consumption and memory corruption) via a cluster.conf file with many lines. NOTE: it is not clear whether this…

  • CVE-2008-6552Mar 30, 2009
    risk 0.00cvss epss 0.00

    Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager…

  • CVE-2009-0027Mar 9, 2009
    risk 0.00cvss epss 0.02

    The request handler in JBossWS in JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP06 and 4.3 before 4.3.0.CP04 does not properly validate the resource path during a request for a WSDL file with a custom web-service endpoint, which allows remote…

  • CVE-2009-0834Mar 6, 2009
    risk 0.00cvss epss 0.00

    The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit…

  • CVE-2009-0577Feb 20, 2009
    risk 0.00cvss epss 0.04

    Integer overflow in the WriteProlog function in texttops in CUPS 1.1.17 on Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow. NOTE: this issue exists because of an…

  • CVE-2008-6123Feb 12, 2009
    risk 0.00cvss epss 0.03

    The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP…

  • CVE-2008-5082Jan 30, 2009
    risk 0.00cvss epss 0.01

    The verifyProof function in the Token Processing System (TPS) component in Red Hat Certificate System (RHCS) 7.1 through 7.3 and Dogtag Certificate System 1.0 returns successfully even when token enrollment did not use the hardware key, which allows remote authenticated users…

  • CVE-2009-0030Jan 21, 2009
    risk 0.00cvss epss 0.02

    A certain Red Hat patch for SquirrelMail 1.4.8 sets the same SQMSESSID cookie value for all sessions, which allows remote authenticated users to access other users' folder lists and configuration data in opportunistic circumstances by using the standard webmail.php interface. …

  • CVE-2009-0180Jan 20, 2009
    risk 0.00cvss epss 0.02

    Certain Fedora build scripts for nfs-utils before 1.1.2-9.fc9 on Fedora 9, and before 1.1.4-6.fc10 on Fedora 10, omit TCP Wrapper support, which might allow remote attackers to bypass intended access restrictions, possibly a related issue to CVE-2008-1376.

  • CVE-2008-2368Jan 20, 2009
    risk 0.00cvss epss 0.00

    Red Hat Certificate System 7.2 stores passwords in cleartext in the UserDirEnrollment log, the RA wizard installer log, and unspecified other debug log files, and uses weak permissions for these files, which allows local users to discover passwords by reading the files.

  • CVE-2008-2367Jan 20, 2009
    risk 0.00cvss epss 0.00

    Red Hat Certificate System 7.2 uses world-readable permissions for password.conf and unspecified other configuration files, which allows local users to discover passwords by reading these files.

  • CVE-2008-4539Dec 29, 2008
    risk 0.00cvss epss 0.01

    Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue…

  • CVE-2008-4315Nov 27, 2008
    risk 0.00cvss epss 0.03

    tog-pegasus in OpenGroup Pegasus 2.7.0 on Red Hat Enterprise Linux (RHEL) 5, Fedora 9, and Fedora 10 does not log failed authentication attempts to the OpenPegasus CIM server, which makes it easier for remote attackers to avoid detection of password guessing attacks.

  • CVE-2008-4313Nov 27, 2008
    risk 0.00cvss epss 0.01

    A certain Red Hat patch for tog-pegasus in OpenGroup Pegasus 2.7.0 does not properly configure the PAM tty name, which allows remote authenticated users to bypass intended access restrictions and send requests to OpenPegasus WBEM services.

  • CVE-2008-4870Nov 1, 2008
    risk 0.00cvss epss 0.00

    dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.

  • CVE-2008-3825Oct 3, 2008
    risk 0.00cvss epss 0.00

    pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when the existing_ticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an…

  • CVE-2008-3522Oct 2, 2008
    risk 0.00cvss epss 0.05

    Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.

  • CVE-2008-3524Sep 29, 2008
    risk 0.00cvss epss 0.00

    rc.sysinit in initscripts before 8.76.3-1 on Fedora 9 and other Linux platforms allows local users to delete arbitrary files via a symlink attack on a file or directory under (1) /var/lock or (2) /var/run.

  • CVE-2008-3519Sep 23, 2008
    risk 0.00cvss epss 0.02

    The default configuration of the JBossAs component in Red Hat JBoss Enterprise Application Platform (aka JBossEAP or EAP), possibly 4.2 before CP04 and 4.3 before CP02, when a production environment is enabled, sets the DownloadServerClasses property to true, which allows remote…

  • CVE-2008-3274Sep 12, 2008
    risk 0.00cvss epss 0.02

    The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA before 1.1.1 places ldap:///anyone on the read ACL for the krbMKey attribute, which allows remote attackers to obtain the Kerberos master key via an anonymous LDAP query.

  • CVE-2008-2932Sep 12, 2008
    risk 0.00cvss epss 0.03

    Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via % (percent) encoded HTTP input to unspecified CGI scripts in Fedora Directory Server. NOTE: this vulnerability exists…

  • CVE-2008-2929Aug 29, 2008
    risk 0.00cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in the adminutil library in the Directory Server Administration Express and Directory Server Gateway (DSGW) web interface in Red Hat Directory Server 7.1 before SP7 and 8 EL4 and EL5, and Fedora Directory Server, allow remote…

Page 67 of 74