Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:intel64:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2011-2726 |
An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the ability to attach File upload fields to any entity type in the system or has the ability to point individual File upload fields to the private file directory in comments, and the parent node is denied access, non-privileged users can still download the file attached to the comment if they know or guess its direct URL. Published: November 15, 2019; 12:15:12 PM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2016-5285 |
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service. Published: November 15, 2019; 11:15:10 AM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2012-1168 |
Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified. Published: November 14, 2019; 11:15:14 AM -0500 |
V3.1: 8.2 HIGH V2.0: 6.4 MEDIUM |
CVE-2012-1156 |
Moodle before 2.2.2 has users' private files included in course backups Published: November 14, 2019; 11:15:14 AM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2012-1155 |
Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to Published: November 14, 2019; 11:15:14 AM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2011-1145 |
The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string. Published: November 13, 2019; 9:15:10 PM -0500 |
V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2010-4664 |
In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session. Published: November 13, 2019; 5:15:11 PM -0500 |
V3.1: 8.8 HIGH V2.0: 6.5 MEDIUM |
CVE-2010-4661 |
udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules. Published: November 13, 2019; 4:15:11 PM -0500 |
V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2010-4657 |
PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output. Published: November 13, 2019; 4:15:11 PM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-10219 |
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack. Published: November 08, 2019; 10:15:11 AM -0500 |
V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-4983 |
A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files. Published: November 05, 2019; 5:15:10 PM -0500 |
V3.1: 3.3 LOW V2.0: 2.1 LOW |
CVE-2013-5661 |
Cache Poisoning issue exists in DNS Response Rate Limiting. Published: November 05, 2019; 2:15:10 PM -0500 |
V3.1: 5.9 MEDIUM V2.0: 2.6 LOW |
CVE-2013-4409 |
An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests. Published: November 04, 2019; 4:15:11 PM -0500 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2013-4251 |
The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories. Published: November 04, 2019; 3:15:09 PM -0500 |
V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2005-4890 |
There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process. Published: November 04, 2019; 2:15:10 PM -0500 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2013-4518 |
RHUI (Red Hat Update Infrastructure) 2.1.3 has world readable PKI entitlement certificates Published: November 04, 2019; 8:15:10 AM -0500 |
V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2013-4751 |
php-symfony2-Validator has loss of information during serialization Published: November 01, 2019; 9:15:11 AM -0400 |
V3.1: 8.1 HIGH V2.0: 4.9 MEDIUM |
CVE-2019-14823 |
A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attacks such as Man in the Middle. Published: October 14, 2019; 4:15:10 PM -0400 |
V3.1: 7.4 HIGH V2.0: 5.8 MEDIUM |
CVE-2019-14838 |
A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server Published: October 14, 2019; 11:15:09 AM -0400 |
V3.1: 4.9 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2019-17267 |
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup. Published: October 06, 2019; 8:15:10 PM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |