Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat enterprise linux 5 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2015-8553
Xen allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory by not enabling memory and I/O decoding control bits. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0777.
Xen Xen -
Redhat Enterprise Linux 5
NA
CVE-2007-6283
Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named.
Redhat Enterprise Linux 5.0
Fedoraproject Fedora Core
Oracle Linux 5.0
Centos Centos 5
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux For Power Big Endian 5.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux For Ibm Z Systems 5.0 S390x
7.8
CVSSv3
CVE-2005-4890
There is a possible tty hijacking in shadow 4.x prior to 4.1.5 and sudo 1.x prior to 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next proces...
Sudo Project Sudo
Debian Shadow
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 4
Redhat Enterprise Linux 5
2 Github repositories
NA
CVE-2013-2217
cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/.
Jeff Ortel Suds 0.4
Redhat Enterprise Linux 6.0
Opensuse Opensuse 12.3
Redhat Enterprise Linux 5
Opensuse Opensuse 12.2
NA
CVE-2009-0846
The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) prior to 1.6.4 allows remote malicious users to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving...
Mit Kerberos 5
Fedoraproject Fedora 10
Fedoraproject Fedora 9
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Apple Mac Os X
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux Eus 4.7
Redhat Enterprise Linux Server 4.0
Redhat Enterprise Linux Workstation 4.0
Redhat Enterprise Linux Workstation 3.0
Redhat Enterprise Linux Server 3.0
Redhat Enterprise Linux Server 2.0
Redhat Enterprise Linux Workstation 2.0
NA
CVE-2012-3440
A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file.
Todd Miller Sudo 1.7.2
Redhat Enterprise Linux 5
NA
CVE-2012-2313
The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel prior to 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.
Linux Linux Kernel 3.3
Linux Linux Kernel 3.3.2
Linux Linux Kernel 3.3.3
Linux Linux Kernel
Linux Linux Kernel 3.3.4
Linux Linux Kernel 3.3.5
Linux Linux Kernel 3.3.1
Novell Suse Linux Enterprise Server 10.0
Redhat Enterprise Linux 5
Redhat Enterprise Linux Server Aus 6.2
Redhat Enterprise Linux Server Eus 6.2.z
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Server Eus 6.1.z
Redhat Enterprise Linux Eus 5.6.z
Redhat Enterprise Linux Long Life 5.6
7.5
CVSSv3
CVE-2007-1285
The Zend Engine in PHP 4.x prior to 4.4.7, and 5.x prior to 5.2.2, allows remote malicious users to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.
Php Php
Canonical Ubuntu Linux 7.10
Novell Suse Linux 10.0
Novell Suse Linux 10.1
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 8
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux Server 4.0
Redhat Enterprise Linux Workstation 4.0
Redhat Enterprise Linux Workstation 3.0
Redhat Enterprise Linux Server 3.0
Redhat Enterprise Linux Server 2.0
Redhat Enterprise Linux Workstation 2.0
1 EDB exploit
NA
CVE-2014-5353
The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) prior to 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query wit...
Mit Kerberos 5
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 6.6
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Eus 6.6
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Eus 7.3
Redhat Enterprise Linux Eus 7.4
Redhat Enterprise Linux Eus 7.5
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Tus 6.6
Redhat Enterprise Linux Eus 7.6
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Eus 7.7
Fedoraproject Fedora 22
Debian Debian Linux 7.0
NA
CVE-2012-3406
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent malicious users to bypass the...
Canonical Ubuntu Linux 8.04
Redhat Enterprise Linux 6.0
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Redhat Enterprise Virtualization 3.0
Redhat Enterprise Linux 5
Canonical Ubuntu Linux 12.04
Gnu Glibc 2.5
Canonical Ubuntu Linux 10.04
Gnu Glibc 2.12
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »