Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-18660 |
The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c. Published: November 27, 2019; 6:15:10 PM -0500 |
V3.1: 4.7 MEDIUM V2.0: 1.9 LOW |
CVE-2011-2207 |
dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to cause a denial of service (DOS) via a specially-crafted certificate. Published: November 27, 2019; 2:15:11 PM -0500 |
V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2016-4980 |
A password generation weakness exists in xquest through 2016-06-13. Published: November 27, 2019; 11:15:11 AM -0500 |
V3.1: 2.5 LOW V2.0: 1.9 LOW |
CVE-2019-10216 |
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas. Published: November 27, 2019; 8:15:10 AM -0500 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2019-14896 |
A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects to an AP. Published: November 27, 2019; 4:15:11 AM -0500 |
V3.1: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2011-3632 |
Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks. Published: November 25, 2019; 11:15:11 PM -0500 |
V3.1: 7.1 HIGH V2.0: 3.6 LOW |
CVE-2011-3631 |
Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in the calculation of the required memory space to be used. A remote attacker could provide a specially-crafted directory tree and trick the local user into consolidating it, leading to hardlink executable crash or potentially arbitrary code execution with user privileges. Published: November 25, 2019; 11:15:11 PM -0500 |
V3.1: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2011-3630 |
Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink executable crash, or, potentially arbitrary code execution with the privileges of the user running the hardlink executable. Published: November 25, 2019; 11:15:10 PM -0500 |
V3.1: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2012-5644 |
libuser has information disclosure when moving user's home directory Published: November 25, 2019; 10:15:12 AM -0500 |
V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2012-5630 |
libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees. Published: November 25, 2019; 9:15:11 AM -0500 |
V3.1: 6.3 MEDIUM V2.0: 3.3 LOW |
CVE-2012-5521 |
quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal Published: November 25, 2019; 9:15:11 AM -0500 |
V3.1: 6.5 MEDIUM V2.0: 3.3 LOW |
CVE-2019-14815 |
A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver. Published: November 25, 2019; 6:15:11 AM -0500 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2019-10174 |
A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the application. Published: November 25, 2019; 6:15:10 AM -0500 |
V3.1: 8.8 HIGH V2.0: 6.5 MEDIUM |
CVE-2012-0877 |
PyXML: Hash table collisions CPU usage Denial of Service Published: November 22, 2019; 12:15:11 PM -0500 |
V3.1: 7.5 HIGH V2.0: 7.8 HIGH |
CVE-2014-3585 |
redhat-upgrade-tool: Does not check GPG signatures when upgrading versions Published: November 22, 2019; 10:15:10 AM -0500 |
V3.1: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2013-1817 |
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information. Published: November 20, 2019; 3:15:11 PM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2013-1816 |
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request. Published: November 20, 2019; 3:15:10 PM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2012-6136 |
tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes. Published: November 20, 2019; 10:15:11 AM -0500 |
V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2011-4967 |
tog-Pegasus has a package hash collision DoS vulnerability Published: November 19, 2019; 11:15:10 AM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2014-5118 |
Trusted Boot (tboot) before 1.8.2 has a 'loader.c' Security Bypass Vulnerability Published: November 18, 2019; 6:15:11 PM -0500 |
V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |