Vendor CVEs
Red Hat
All CVEs
3,692 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-5111 | Hig | 0.57 | 8.8 | 0.01 | Oct 27, 2017 | A use after free in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file. | ||
| CVE-2017-5108 | Hig | 0.57 | 8.8 | 0.01 | Oct 27, 2017 | Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted PDF file. | ||
| CVE-2017-5100 | Hig | 0.57 | 8.8 | 0.01 | Oct 27, 2017 | A use after free in Apps in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | ||
| CVE-2017-5095 | Hig | 0.57 | 8.8 | 0.02 | Oct 27, 2017 | Stack overflow in PDFium in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit stack corruption via a crafted PDF file. | ||
| CVE-2017-5091 | Hig | 0.57 | 8.8 | 0.02 | Oct 27, 2017 | A use after free in IndexedDB in Google Chrome prior to 60.0.3112.78 for Linux, Android, Windows, and Mac allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | ||
| CVE-2017-5088 | Hig | 0.57 | 8.8 | 0.03 | Oct 27, 2017 | Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. | ||
| CVE-2017-5087 | Hig | 0.57 | 8.8 | 0.01 | Oct 27, 2017 | A use after free in Blink in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, aka an IndexedDB sandbox escape. | ||
| CVE-2017-5078 | Hig | 0.57 | 8.8 | 0.03 | Oct 27, 2017 | Insufficient validation of untrusted input in Blink's mailto: handling in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac allowed a remote attacker to perform command injection via a crafted HTML page, a similar issue to CVE-2004-0121. For example, characters… | ||
| CVE-2017-5077 | Hig | 0.57 | 8.8 | 0.03 | Oct 27, 2017 | Insufficient validation of untrusted input in Skia in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | ||
| CVE-2017-5073 | Hig | 0.57 | 8.8 | 0.01 | Oct 27, 2017 | Use after free in print preview in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | ||
| CVE-2017-5063 | Hig | 0.57 | 8.8 | 0.02 | Oct 27, 2017 | A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | ||
| CVE-2017-5062 | Hig | 0.57 | 8.8 | 0.01 | Oct 27, 2017 | A use after free in Chrome Apps in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to potentially perform out of bounds memory access via a crafted Chrome extension. | ||
| CVE-2017-5059 | Hig | 0.57 | 8.8 | 0.03 | Oct 27, 2017 | Type confusion in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to potentially obtain code execution via a crafted HTML page. | ||
| CVE-2017-5057 | Hig | 0.57 | 8.8 | 0.02 | Oct 27, 2017 | Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. | ||
| CVE-2017-5056 | Hig | 0.57 | 8.8 | 0.01 | Oct 27, 2017 | A use after free in Blink in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | ||
| CVE-2017-5054 | Hig | 0.57 | 8.8 | 0.01 | Oct 27, 2017 | An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to obtain heap memory contents via a crafted HTML page. | ||
| CVE-2017-5052 | Hig | 0.57 | 8.8 | 0.01 | Oct 27, 2017 | An incorrect assumption about block structure in Blink in Google Chrome prior to 57.0.2987.133 for Mac, Windows, and Linux, and 57.0.2987.132 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page that triggers improper casting. | ||
| CVE-2015-5740 | Cri | 0.57 | 9.8 | 0.04 | Oct 18, 2017 | The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request with two Content-length headers. | ||
| CVE-2015-5739 | Cri | 0.57 | 9.8 | 0.10 | Oct 18, 2017 | The net/http library in net/textproto/reader.go in Go before 1.4.3 does not properly parse HTTP header keys, which allows remote attackers to conduct HTTP request smuggling attacks via a space instead of a hyphen, as demonstrated by "Content Length" instead of "Content-Length." | ||
| CVE-2017-15041 | Cri | 0.57 | 9.8 | 0.09 | Oct 5, 2017 | Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but example.com/pkg1/pkg2 points to a Git repository. If the Subversion repository… | ||
| CVE-2017-14496 | Hig | 0.57 | 7.5 | 0.66 | Oct 3, 2017 | Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request. | ||
| CVE-2014-8170 | Hig | 0.57 | 8.8 | 0.04 | Sep 26, 2017 | ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0-474-gb852fd7 as packaged in Red Hat Enterprise Virtualization 3 do not properly quote input strings, which allows remote authenticated users and physically proximate attackers to… | ||
| CVE-2015-5182 | Hig | 0.57 | 8.8 | 0.01 | Sep 25, 2017 | Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ. | ||
| CVE-2017-14167 | Hig | 0.57 | 8.8 | 0.01 | Sep 8, 2017 | Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header address values, which trigger an out-of-bounds write. | ||
| CVE-2017-5208 | Hig | 0.57 | 8.8 | 0.04 | Aug 22, 2017 | Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of service (application crash) or the possibility of execution of arbitrary code. | ||
| CVE-2016-4471 | Hig | 0.57 | 8.8 | 0.02 | Jun 8, 2017 | ManageIQ in CloudForms before 4.1 allows remote authenticated users to execute arbitrary code. | ||
| CVE-2016-5177 | Hig | 0.57 | 8.8 | 0.01 | May 23, 2017 | Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. | ||
| CVE-2017-5043 | Hig | 0.57 | 8.8 | 0.01 | Apr 24, 2017 | Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension. | ||
| CVE-2017-5029 | Hig | 0.57 | 8.8 | 0.02 | Apr 24, 2017 | The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to… | ||
| CVE-2016-5401 | Hig | 0.57 | 8.8 | 0.01 | Apr 20, 2017 | Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web page. | ||
| CVE-2014-5009 | Cri | 0.57 | 9.8 | 0.05 | Mar 31, 2017 | Snoopy allows remote attackers to execute arbitrary commands. NOTE: this vulnerability exists due to an incomplete fix for CVE-2014-5008. | ||
| CVE-2017-5929 | Cri | 0.57 | 9.8 | 0.07 | Mar 13, 2017 | QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components. | ||
| CVE-2016-7545 | Hig | 0.57 | 8.8 | 0.00 | Jan 19, 2017 | SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call. | ||
| CVE-2016-7040 | Hig | 0.57 | 8.8 | 0.02 | Oct 7, 2016 | Red Hat CloudForms Management Engine 4.1 does not properly handle regular expressions passed to the expression engine via the JSON API and the web-based UI, which allows remote authenticated users to execute arbitrary shell commands by leveraging the ability to view and filter… | ||
| CVE-2016-5406 | Hig | 0.57 | 8.8 | 0.03 | Sep 26, 2016 | The domain controller in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2 allows remote authenticated users to gain privileges by leveraging failure to propagate administrative RBAC configuration to all slaves. | ||
| CVE-2016-5422 | Hig | 0.57 | 8.8 | 0.02 | Sep 7, 2016 | The web console in Red Hat JBoss Operations Network (JON) before 3.3.7 does not properly authorize requests to add users with the super user role, which allows remote authenticated users to gain admin privileges via a crafted POST request. | ||
| CVE-2016-7034 | Hig | 0.57 | 8.8 | 0.01 | Sep 7, 2016 | The dashbuilder in Red Hat JBoss BPM Suite 6.3.2 does not properly handle CSRF tokens generated during an active session and includes them in query strings, which makes easier for remote attackers to (1) bypass CSRF protection mechanisms or (2) conduct cross-site request forgery… | ||
| CVE-2016-5383 | Hig | 0.57 | 8.8 | 0.03 | Aug 26, 2016 | The web UI in Red Hat CloudForms 4.1 allows remote authenticated users to execute arbitrary code via vectors involving "Lack of field filters." | ||
| CVE-2016-5131 | Hig | 0.57 | 8.8 | 0.02 | Jul 23, 2016 | Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function. | ||
| CVE-2016-5387 | Hig | 0.57 | 8.1 | 0.56 | Jul 19, 2016 | The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP… | ||
| CVE-2016-5385 | Hig | 0.57 | 8.1 | 0.50 | Jul 19, 2016 | PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an… | ||
| CVE-2016-1704 | Hig | 0.57 | 8.8 | 0.01 | Jul 3, 2016 | Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.103 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||
| CVE-2016-4474 | Hig | 0.57 | 8.8 | 0.01 | Jun 30, 2016 | The image build process for the overcloud images in Red Hat OpenStack Platform 8.0 (Liberty) director and Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) director (aka overcloud-full) use a default root password of ROOTPW, which allows attackers to gain access via… | ||
| CVE-2016-2141 | Cri | 0.57 | 9.8 | 0.05 | Jun 30, 2016 | It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to… | ||
| CVE-2016-3738 | Hig | 0.57 | 8.8 | 0.02 | Jun 8, 2016 | Red Hat OpenShift Enterprise 3.2 does not properly restrict access to STI builds, which allows remote authenticated users to access the Docker socket and gain privileges via vectors related to build-pod. | ||
| CVE-2016-1703 | Hig | 0.57 | 8.8 | 0.01 | Jun 5, 2016 | Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.79 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||
| CVE-2016-1701 | Hig | 0.57 | 8.8 | 0.01 | Jun 5, 2016 | The Autofill implementation in Google Chrome before 51.0.2704.79 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other… | ||
| CVE-2016-1697 | Hig | 0.57 | 8.8 | 0.02 | Jun 5, 2016 | The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via… | ||
| CVE-2016-1696 | Hig | 0.57 | 8.8 | 0.01 | Jun 5, 2016 | The extensions subsystem in Google Chrome before 51.0.2704.79 does not properly restrict bindings access, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors. | ||
| CVE-2016-1695 | Hig | 0.57 | 8.8 | 0.01 | Jun 5, 2016 | Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. |
- risk 0.57cvss 8.8epss 0.01
A use after free in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file.
- risk 0.57cvss 8.8epss 0.01
Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted PDF file.
- risk 0.57cvss 8.8epss 0.01
A use after free in Apps in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.02
Stack overflow in PDFium in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit stack corruption via a crafted PDF file.
- risk 0.57cvss 8.8epss 0.02
A use after free in IndexedDB in Google Chrome prior to 60.0.3112.78 for Linux, Android, Windows, and Mac allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.03
Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
A use after free in Blink in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, aka an IndexedDB sandbox escape.
- risk 0.57cvss 8.8epss 0.03
Insufficient validation of untrusted input in Blink's mailto: handling in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac allowed a remote attacker to perform command injection via a crafted HTML page, a similar issue to CVE-2004-0121. For example, characters…
- risk 0.57cvss 8.8epss 0.03
Insufficient validation of untrusted input in Skia in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Use after free in print preview in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.02
A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
A use after free in Chrome Apps in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to potentially perform out of bounds memory access via a crafted Chrome extension.
- risk 0.57cvss 8.8epss 0.03
Type confusion in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to potentially obtain code execution via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.02
Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
- risk 0.57cvss 8.8epss 0.01
A use after free in Blink in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to obtain heap memory contents via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
An incorrect assumption about block structure in Blink in Google Chrome prior to 57.0.2987.133 for Mac, Windows, and Linux, and 57.0.2987.132 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page that triggers improper casting.
- risk 0.57cvss 9.8epss 0.04
The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request with two Content-length headers.
- risk 0.57cvss 9.8epss 0.10
The net/http library in net/textproto/reader.go in Go before 1.4.3 does not properly parse HTTP header keys, which allows remote attackers to conduct HTTP request smuggling attacks via a space instead of a hyphen, as demonstrated by "Content Length" instead of "Content-Length."
- risk 0.57cvss 9.8epss 0.09
Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but example.com/pkg1/pkg2 points to a Git repository. If the Subversion repository…
- risk 0.57cvss 7.5epss 0.66
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.
- risk 0.57cvss 8.8epss 0.04
ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0-474-gb852fd7 as packaged in Red Hat Enterprise Virtualization 3 do not properly quote input strings, which allows remote authenticated users and physically proximate attackers to…
- risk 0.57cvss 8.8epss 0.01
Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.
- risk 0.57cvss 8.8epss 0.01
Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header address values, which trigger an out-of-bounds write.
- risk 0.57cvss 8.8epss 0.04
Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of service (application crash) or the possibility of execution of arbitrary code.
- risk 0.57cvss 8.8epss 0.02
ManageIQ in CloudForms before 4.1 allows remote authenticated users to execute arbitrary code.
- risk 0.57cvss 8.8epss 0.01
Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors.
- risk 0.57cvss 8.8epss 0.01
Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension.
- risk 0.57cvss 8.8epss 0.02
The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to…
- risk 0.57cvss 8.8epss 0.01
Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web page.
- risk 0.57cvss 9.8epss 0.05
Snoopy allows remote attackers to execute arbitrary commands. NOTE: this vulnerability exists due to an incomplete fix for CVE-2014-5008.
- risk 0.57cvss 9.8epss 0.07
QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.
- risk 0.57cvss 8.8epss 0.00
SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.
- risk 0.57cvss 8.8epss 0.02
Red Hat CloudForms Management Engine 4.1 does not properly handle regular expressions passed to the expression engine via the JSON API and the web-based UI, which allows remote authenticated users to execute arbitrary shell commands by leveraging the ability to view and filter…
- risk 0.57cvss 8.8epss 0.03
The domain controller in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2 allows remote authenticated users to gain privileges by leveraging failure to propagate administrative RBAC configuration to all slaves.
- risk 0.57cvss 8.8epss 0.02
The web console in Red Hat JBoss Operations Network (JON) before 3.3.7 does not properly authorize requests to add users with the super user role, which allows remote authenticated users to gain admin privileges via a crafted POST request.
- risk 0.57cvss 8.8epss 0.01
The dashbuilder in Red Hat JBoss BPM Suite 6.3.2 does not properly handle CSRF tokens generated during an active session and includes them in query strings, which makes easier for remote attackers to (1) bypass CSRF protection mechanisms or (2) conduct cross-site request forgery…
- risk 0.57cvss 8.8epss 0.03
The web UI in Red Hat CloudForms 4.1 allows remote authenticated users to execute arbitrary code via vectors involving "Lack of field filters."
- risk 0.57cvss 8.8epss 0.02
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.
- risk 0.57cvss 8.1epss 0.56
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP…
- risk 0.57cvss 8.1epss 0.50
PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an…
- risk 0.57cvss 8.8epss 0.01
Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.103 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
- risk 0.57cvss 8.8epss 0.01
The image build process for the overcloud images in Red Hat OpenStack Platform 8.0 (Liberty) director and Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) director (aka overcloud-full) use a default root password of ROOTPW, which allows attackers to gain access via…
- risk 0.57cvss 9.8epss 0.05
It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to…
- risk 0.57cvss 8.8epss 0.02
Red Hat OpenShift Enterprise 3.2 does not properly restrict access to STI builds, which allows remote authenticated users to access the Docker socket and gain privileges via vectors related to build-pod.
- risk 0.57cvss 8.8epss 0.01
Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.79 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
- risk 0.57cvss 8.8epss 0.01
The Autofill implementation in Google Chrome before 51.0.2704.79 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other…
- risk 0.57cvss 8.8epss 0.02
The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via…
- risk 0.57cvss 8.8epss 0.01
The extensions subsystem in Google Chrome before 51.0.2704.79 does not properly restrict bindings access, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
- risk 0.57cvss 8.8epss 0.01
Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Page 7 of 74