National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:redhat:enterprise_linux_server_tus:7.6
There are 239 matching records.
Displaying matches 181 through 200.
Vuln ID Summary CVSS Severity
CVE-2015-5739

The net/http library in net/textproto/reader.go in Go before 1.4.3 does not properly parse HTTP header keys, which allows remote attackers to conduct HTTP request smuggling attacks via a space instead of a hyphen, as demonstrated by "Content Length" instead of "Content-Length."

Published: October 18, 2017; 04:29:00 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2017-0903

RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution.

Published: October 11, 2017; 02:29:00 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2017-1000116

Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks.

Published: October 04, 2017; 09:29:04 PM -04:00
V3: 9.8 CRITICAL
V2: 10.0 HIGH
CVE-2017-1000115

Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository

Published: October 04, 2017; 09:29:04 PM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2017-1000111

Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW.

Published: October 04, 2017; 09:29:04 PM -04:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2017-1000083

backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a filename beginning with a "--" command-line option substring, as demonstrated by a --checkpoint-action=exec=bash at the beginning of the filename.

Published: September 05, 2017; 02:29:00 AM -04:00
V3: 7.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-0902

RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking vulnerability that allows a MITM attacker to force the RubyGems client to download and install gems from a server that the attacker controls.

Published: August 31, 2017; 04:29:00 PM -04:00
V3: 8.1 HIGH
V2: 6.8 MEDIUM
CVE-2017-0901

RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem.

Published: August 31, 2017; 04:29:00 PM -04:00
V3: 7.5 HIGH
V2: 6.4 MEDIUM
CVE-2017-0900

RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications to cause a denial of service attack against RubyGems clients who have issued a `query` command.

Published: August 31, 2017; 04:29:00 PM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2017-0899

RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences.

Published: August 31, 2017; 04:29:00 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2017-14064

Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a '\0' byte, returning a pointer to a string of length zero, which is not the length stored in space_len.

Published: August 31, 2017; 01:29:00 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2017-5208

Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of service (application crash) or the possibility of execution of arbitrary code.

Published: August 22, 2017; 02:29:00 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-3641

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Published: August 08, 2017; 11:29:08 AM -04:00
V3: 4.9 MEDIUM
V2: 4.0 MEDIUM
CVE-2017-3636

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).

Published: August 08, 2017; 11:29:08 AM -04:00
V3: 5.3 MEDIUM
V2: 4.6 MEDIUM
CVE-2017-7980

Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation.

Published: July 25, 2017; 10:29:00 AM -04:00
V3: 7.8 HIGH
V2: 4.6 MEDIUM
CVE-2017-10978

An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service.

Published: July 17, 2017; 01:29:00 PM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2017-9788

In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.

Published: July 13, 2017; 12:29:00 PM -04:00
V3: 9.1 CRITICAL
V2: 6.4 MEDIUM
CVE-2017-9776

Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.

Published: June 22, 2017; 05:29:00 PM -04:00
V3: 7.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-9775

Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document.

Published: June 22, 2017; 05:29:00 PM -04:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2017-1000366

glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.

Published: June 19, 2017; 12:29:00 PM -04:00
V3: 7.8 HIGH
V2: 7.2 HIGH