redhat vulnerabilities and exploits

6.9
CVSSv2
CVE-2012-0056

The mem_write function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc/<pid>/mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper....

LinuxLinux Kernel
7.2
CVSSv2
CVE-2003-0127

The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel....

LinuxLinux Kernel
7.2
CVSSv2
CVE-2011-2005

afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation...

MicrosoftWindows 2003 ServerWindows Server 2003Windows Xp
7.2
CVSSv2
CVE-2010-0232

The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform,...

MicrosoftWindows 2000Windows 7Windows NtWindows Server 2003Windows Server 2008Windows VistaWindows Xp
NA
CVE-2019-11706

Mozilla Thunderbird is vulnerable to a denial of service, caused by a type confusion in the implementation of iCal in icaltimezone_get_vtimezone_properties. By persuading a victim to open a specially crafted email, an attacker could exploit this vulnerability to cause the...

NA
CVE-2019-11705

Mozilla Thunderbird is vulnerable to a denial of service, caused by a stack-based buffer overflow in the implementation of iCal in icalrecur_add_bydayrules. By persuading a victim to open a specially crafted email, an attacker could exploit this vulnerability to cause the...

NA
CVE-2019-11704

A flaw in Thunderbird's implementation of iCal before 60.7.1 causes a heap buffer overflow in icalmemory_strdup_and_dequote when processing certain email messages, resulting in a potentially exploitable crash....

NA
CVE-2019-11703

Mozilla Thunderbird is vulnerable to a denial of service, caused by a heap-based buffer overflow in the implementation of iCal in parser_get_next_char. By persuading a victim to open a specially crafted email, an attacker could exploit this vulnerability to cause the application...

4.3
CVSSv2
CVE-2019-10150

It was found that OpenShift Container Platform versions 3.6.x - 4.6.0 does not perform SSH Host Key checking when using ssh key authentication during builds. An attacker, with the ability to redirect network traffic, could use this to alter the resulting build output....

3.5
CVSSv2
CVE-2019-3872

It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or...