Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
redhat enterprise linux 5 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3825
pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when the existing_ticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an...
Redhat Enterprise Linux 5
Redhat Enterprise Linux Desktop 5
NA
CVE-2008-1767
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number...
Redhat Enterprise Linux 3.0
Redhat Enterprise Linux Desktop Workstation 5
Redhat Linux Advanced Workstation 2.1
Redhat Desktop 3
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux Desktop 4
Redhat Enterprise Linux Desktop 5
Redhat Enterprise Linux 5.0
1 EDB exploit available
1 Github repository available
NA
CVE-2008-1951
Untrusted search path vulnerability in a certain Red Hat build script for Standards Based Linux Instrumentation for Manageability (sblim) libraries before 1-13a.el4_6.1 in Red Hat Enterprise Linux (RHEL) 4, and before 1-31.el5_2.1 in RHEL 5, allows local users to gain privileges...
Redhat Enterprise Linux 5
Redhat Enterprise Linux 4
NA
CVE-2012-2124
functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different...
Redhat Enterprise Linux 4
Redhat Enterprise Linux 5
Squirrelmail Squirrelmail -
NA
CVE-2013-4342
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service....
Xinetd Xinetd -
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5
NA
CVE-2014-0249
The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors....
Redhat Enterprise Linux 5
Fedoraproject Sssd 1.11.6
Redhat Enterprise Linux 6.0
NA
CVE-2012-3359
Luci in Red Hat Conga stores the user's username and password in a Base64 encoded string in the __ac session cookie, which allows attackers to gain privileges by accessing this cookie. NOTE: this issue has been SPLIT due to different vulnerability types. Use CVE-2013-7347...
Redhat Enterprise Linux 5
Redhat Conga
NA
CVE-2012-2697
Unspecified vulnerability in autofs, as used in Red Hat Enterprise Linux (RHEL) 5, allows local users to cause a denial of service (autofs crash and delayed mounts) or prevent "mount expiration" via unspecified vectors related to "using an LDAP-based automount...
Redhat Enterprise Linux 5
NA
CVE-2013-1976
The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on (a)...
Redhat Enterprise Linux 5
Redhat Enterprise Linux 6.0
Redhat Jboss Enterprise Web Server 1.0.2
Redhat Jboss Enterprise Web Server 2.0.0
NA
CVE-2013-4282
Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket....
Spice Project Spice 0.12.0
Redhat Enterprise Virtualization 3.0
Redhat Enterprise Linux 5
Redhat Enterprise Linux 6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48285
CVE-2023-23621
bypass
CVE-2019-25053
file inclusion
CVE-2023-24055
logic flaw
CVE-2023-23560
CVE-2022-48012
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »