Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:x86:*
  • CPE Name Search: true
There are 526 matching records.
Displaying matches 61 through 80.
Vuln ID Summary CVSS Severity
CVE-2011-3631

Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in the calculation of the required memory space to be used. A remote attacker could provide a specially-crafted directory tree and trick the local user into consolidating it, leading to hardlink executable crash or potentially arbitrary code execution with user privileges.

Published: November 25, 2019; 11:15:11 PM -0500
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2011-3630

Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink executable crash, or, potentially arbitrary code execution with the privileges of the user running the hardlink executable.

Published: November 25, 2019; 11:15:10 PM -0500
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2012-5644

libuser has information disclosure when moving user's home directory

Published: November 25, 2019; 10:15:12 AM -0500
V3.1: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2012-5630

libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees.

Published: November 25, 2019; 9:15:11 AM -0500
V3.1: 6.3 MEDIUM
V2.0: 3.3 LOW
CVE-2012-5521

quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal

Published: November 25, 2019; 9:15:11 AM -0500
V3.1: 6.5 MEDIUM
V2.0: 3.3 LOW
CVE-2012-0877

PyXML: Hash table collisions CPU usage Denial of Service

Published: November 22, 2019; 12:15:11 PM -0500
V3.1: 7.5 HIGH
V2.0: 7.8 HIGH
CVE-2014-3585

redhat-upgrade-tool: Does not check GPG signatures when upgrading versions

Published: November 22, 2019; 10:15:10 AM -0500
V3.1: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2013-1817

MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information.

Published: November 20, 2019; 3:15:11 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2013-1816

MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request.

Published: November 20, 2019; 3:15:10 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2012-6136

tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes.

Published: November 20, 2019; 10:15:11 AM -0500
V3.1: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2011-4967

tog-Pegasus has a package hash collision DoS vulnerability

Published: November 19, 2019; 11:15:10 AM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2014-5118

Trusted Boot (tboot) before 1.8.2 has a 'loader.c' Security Bypass Vulnerability

Published: November 18, 2019; 6:15:11 PM -0500
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2011-2726

An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the ability to attach File upload fields to any entity type in the system or has the ability to point individual File upload fields to the private file directory in comments, and the parent node is denied access, non-privileged users can still download the file attached to the comment if they know or guess its direct URL.

Published: November 15, 2019; 12:15:12 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2016-5285

A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.

Published: November 15, 2019; 11:15:10 AM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2012-1168

Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified.

Published: November 14, 2019; 11:15:14 AM -0500
V3.1: 8.2 HIGH
V2.0: 6.4 MEDIUM
CVE-2012-1156

Moodle before 2.2.2 has users' private files included in course backups

Published: November 14, 2019; 11:15:14 AM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2012-1155

Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to

Published: November 14, 2019; 11:15:14 AM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2011-1145

The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.

Published: November 13, 2019; 9:15:10 PM -0500
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2010-4664

In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session.

Published: November 13, 2019; 5:15:11 PM -0500
V3.1: 8.8 HIGH
V2.0: 6.5 MEDIUM
CVE-2010-4661

udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.

Published: November 13, 2019; 4:15:11 PM -0500
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM