redhat enterprise linux 7.0 vulnerabilities and exploits

(subscribe to this query)

4.9

CVSSv2

sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline...

Redhat Enterprise Linux Redhat Enterprise Linux Desktop 7.0 Redhat Enterprise Linux Hpc Node 7.0 Redhat Enterprise Linux Server 7.0 Redhat Enterprise Linux Workstation 7.0

7.5

CVSSv2

SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execute arbitrary code....

Redhat Enterprise Linux Desktop 7.0 Redhat Enterprise Linux Hpc Node 7.0 Redhat Enterprise Linux Server 7.0 Redhat Enterprise Linux Workstation 7.01 Github repository available

5

CVSSv2

389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to read the default Access Control...

Redhat Enterprise Linux Desktop 6.0 Redhat Enterprise Linux Desktop 7.0 Redhat Enterprise Linux Hpc Node 6.0 Redhat Enterprise Linux Hpc Node 7.0 Redhat Enterprise Linux Server 6.0 Redhat Enterprise Linux Server 7.0 Redhat Enterprise Linux Workstation 6.0 Redhat Enterprise Linux Workstation 7.0

2.1

CVSSv2

The Subscription Manager package (aka subscription-manager) before 1.17.7-1 for Candlepin uses weak permissions (755) for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directories....

Redhat Enterprise Linux Desktop 6.0 Redhat Enterprise Linux Desktop 7.0 Redhat Enterprise Linux Hpc Node 6.0 Redhat Enterprise Linux Hpc Node 7.0 Redhat Enterprise Linux Server 6.0 Redhat Enterprise Linux Server 7.0 Redhat Enterprise Linux Workstation 6.0 Redhat Enterprise Linux Workstation 7.0 Redhat Subscription-manager

5

CVSSv2

The calloc function in the glibc package in Red Hat Enterprise Linux (RHEL) 6.7 and 7.2 does not properly initialize memory areas, which might allow context-dependent attackers to cause a denial of service (hang or crash) via unspecified vectors....

Redhat Enterprise Linux 6.7 Redhat Enterprise Linux 7.2 Redhat Enterprise Linux Desktop 7.0 Redhat Enterprise Linux Hpc Node 7.0 Redhat Enterprise Linux Hpc Node Eus 7.2 Redhat Enterprise Linux Server 7.0 Redhat Enterprise Linux Server Aus 7.2 Redhat Enterprise Linux Server Eus 7.2 Redhat Enterprise Linux Workstation 7.01 Github repository available

7.2

CVSSv2

Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data....

Redhat Enterprise Linux Desktop 7.0 Redhat Enterprise Linux Hpc Node 7.0 Redhat Enterprise Linux Hpc Node Eus 7.2 Redhat Enterprise Linux Server 7.0 Redhat Enterprise Linux Server Aus 7.2 Redhat Enterprise Linux Server Eus 7.2 Redhat Enterprise Linux Workstation 7.0 Linux Linux Kernel3 Github repositories available

5.5

CVSSv2

A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs...

Freeipa Freeipa Redhat Enterprise Linux 7.0 Redhat Enterprise Linux Desktop 7.0 Redhat Enterprise Linux Server 7.0 Redhat Enterprise Linux Server Aus 7.3 Redhat Enterprise Linux Server Aus 7.4 Redhat Enterprise Linux Server Eus 7.3 Redhat Enterprise Linux Server Eus 7.4 Redhat Enterprise Linux Server Eus 7.5 Redhat Enterprise Linux Workstation 7.0

4

CVSSv2

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL....

Oracle Mysql Redhat Enterprise Linux Desktop 7.0 Redhat Enterprise Linux Hpc Node 7.0 Redhat Enterprise Linux Hpc Node Eus 7.2 Redhat Enterprise Linux Server 7.0 Redhat Enterprise Linux Server Aus 7.2 Redhat Enterprise Linux Server Eus 7.2 Redhat Enterprise Linux Workstation 7.0 Oracle Linux 7 Oracle Solaris 11.3 Opensuse Leap 42.1 Redhat Enterprise Linux 6.0 Redhat Enterprise Linux 7.01 Github repository available

6.9

CVSSv2

Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors....

Spice Project Spice 0.12.4 Redhat Enterprise Linux 6.0 Redhat Enterprise Linux 7.0 Redhat Enterprise Linux Desktop 6.0 Redhat Enterprise Linux Desktop 7.0 Redhat Enterprise Linux Hpc Node 6 Redhat Enterprise Linux Hpc Node 7.0 Redhat Enterprise Linux Server 6.0 Redhat Enterprise Linux Server 7.0 Redhat Enterprise Linux Workstation 6.0 Redhat Enterprise Linux Workstation 7.0

10

CVSSv2

PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3)...

Redhat Enterprise Linux Desktop 7.0 Redhat Enterprise Linux Hpc Node 7.0 Redhat Enterprise Linux Hpc Node Eus 7.1 Redhat Enterprise Linux Server 7.0 Redhat Enterprise Linux Server Eus 7.1 Redhat Enterprise Linux Workstation 7.0 Php Php

Get Started

1 2 3 4 5 6 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook