redhat enterprise linux 5 vulnerabilities and exploits
3.7
CVSSv2
CVE-2012-3359
Luci in Red Hat Conga stores the user's username and password in a Base64 encoded string in the __ac session cookie, which allows malicious users to gain privileges by accessing this cookie. NOTE: this issue has been SPLIT due to different vulnerability types. Use CVE-2013-7...
Redhat Conga
Redhat Enterprise Linux 5
3.7
CVSSv2
CVE-2013-7347
Luci in Red Hat Conga does not properly enforce the user session timeout, which might allow malicious users to gain access to the session by reading the __ac session cookie. NOTE: this issue has been SPLIT due to different vulnerability types. Use CVE-2012-3359 for the base64-enc...
Redhat Enterprise Linux 5
Redhat Conga
4.3
CVSSv2
CVE-2014-2497
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and previous versions, allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file.
Php Php
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 6.5
Redhat Enterprise Linux Server Tus 6.5
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Eus 6.5
Redhat Enterprise Linux Eus 7.3
Redhat Enterprise Linux Eus 7.4
Redhat Enterprise Linux Eus 7.5
Redhat Enterprise Linux Eus 7.6
Redhat Enterprise Linux Eus 7.7
6.8
CVSSv2
CVE-2012-3406
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent malicious users to bypass the...
Redhat Enterprise Linux 5
Redhat Enterprise Linux 6.0
Redhat Enterprise Virtualization 3.0
Gnu Glibc 2.5
Gnu Glibc 2.12
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.04
6.3
CVSSv2
CVE-2013-2561
OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on (1) ibdiagnet.db, (2) ibdiagnet.fdbs, (3) ibdiagnet_ibis.log, (4) ibdiagnet.log, (5) ibdiagnet.lst, (6) ibdiagnet.mcfdbs, (7) ibdiagnet.pkey, (8) ibdiagnet.psl, (9) ibdiagnet.slvl, o...
Redhat Enterprise Linux 6.0
Openfabrics Ibutils 1.5.7
5
CVSSv2
CVE-2013-4282
Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote malicious users to cause a denial of service (crash) via a long password in a SPICE ticket.
Spice Project Spice 0.12.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Virtualization 3.0
Redhat Enterprise Linux 5
7.6
CVSSv2
CVE-2013-4342
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote malicious users to gain privileges by leveraging another vulnerability in a service.
Xinetd Xinetd -
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5
1.2
CVSSv2
CVE-2013-2217
cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/.
Jeff Ortel Suds 0.4
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
4.3
CVSSv2
CVE-2013-1824
The SOAP parser in PHP prior to 5.3.22 and 5.4.x prior to 5.4.12 allows remote malicious users to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the ...
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5
Apple Mac Os X
Php Php
6.8
CVSSv2
CVE-2013-2174
Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 up to and including 7.30.0 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a "...
Haxx Curl 7.7
Haxx Curl 7.9.3
Haxx Curl 7.9.2
Haxx Curl 7.10.1
Haxx Curl 7.7.3
Haxx Curl 7.8
Haxx Curl 7.9.7
Haxx Curl 7.9.6
Haxx Curl 7.10.5
Haxx Curl 7.10.8
Haxx Curl 7.12.1
Haxx Curl 7.12.2
Haxx Curl 7.12.3
Haxx Curl 7.15.1
Haxx Curl 7.15.2
Haxx Curl 7.16.1
Haxx Curl 7.16.0
Haxx Curl 7.19.6
Haxx Curl 7.19.7
Haxx Curl 7.21.6
Haxx Curl 7.21.7
Haxx Curl 7.22.0