Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

enterprise linux supplementary vulnerabilities and exploits

(subscribe to this query)
8.8
CVSSv3
CVE-2015-8540
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 up to and including 0.99, 1.0.x prior to 1.0.66, 1.1.x and 1.2.x prior to 1.2.56, 1.3.x and 1.4.x prior to 1.4.19, and 1.5.x prior to 1.5.26 allows remote malicious users to have unspecified impact v...
Redhat Enterprise Linux Desktop Supplementary 6.0Redhat Enterprise Linux Server Supplementary 6.0Redhat Enterprise Linux Hpc Node 6.0Redhat Enterprise Linux Workstation Supplementary 6.0Redhat Enterprise Linux Server Supplementary 5.0Redhat Enterprise Linux Desktop Supplementary 5.0Libpng Libpng 1.2.14Libpng Libpng 1.2.45Libpng Libpng 1.2.46Libpng Libpng 1.2.33Libpng Libpng 1.2.16Libpng Libpng 1.2.35Libpng Libpng 1.2.29Libpng Libpng 1.2.26Libpng Libpng 1.2.54Libpng Libpng 1.2.7Libpng Libpng 1.2.43Libpng Libpng 1.2.2Libpng Libpng 1.2.4Libpng Libpng 1.2.22Libpng Libpng 1.2.39Libpng Libpng 1.2.48
7.1
CVSSv3
CVE-2022-2989
An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissio...
Podman Project PodmanRedhat Enterprise Linux 7.0Redhat Openshift Container Platform 3.11Redhat Enterprise Linux 8.0Redhat Openshift Container Platform 4.0Redhat Enterprise Linux 9.0
7.1
CVSSv3
CVE-2022-2990
An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissi...
Buildah Project BuildahRedhat Enterprise Linux 7.0Redhat Enterprise Linux 8.0Redhat Openshift Container Platform 4.0Redhat Enterprise Linux 9.0
NA
CVE-2011-4111
Buffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-passthru.c in QEMU prior to 0.15.2 and 1.x prior to 1.0-rc4 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VSC_ATR message.
Redhat Enterprise Linux Server Supplementary 6.1.zRedhat Enterprise Linux 6.0Qemu Qemu 1.0Qemu Qemu 0.15.0Qemu Qemu
NA
CVE-2013-5870
Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
Redhat Enterprise Linux Desktop Supplementary 6.0Redhat Enterprise Linux Server Supplementary Aus 6.5Redhat Enterprise Linux Hpc Node Supplementary 6.0Redhat Enterprise Linux Server Supplementary Eus 6.5.zRedhat Enterprise Linux Server Supplementary 6.0Redhat Enterprise Linux Workstation Supplementary 6.0Redhat Enterprise Linux Server Supplementary 5.0Redhat Enterprise Linux Desktop Supplementary 5.0Hp JdkHp JreOracle Javafx 2.2.45Oracle Jre 1.7.0
NA
CVE-2014-0418
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, and...
Redhat Enterprise Linux Desktop Supplementary 6.0Redhat Enterprise Linux Server Supplementary Aus 6.5Redhat Enterprise Linux Hpc Node Supplementary 6.0Redhat Enterprise Linux Server Supplementary Eus 6.5.zRedhat Enterprise Linux Server Supplementary 6.0Redhat Enterprise Linux Workstation Supplementary 6.0Redhat Enterprise Linux Server Supplementary 5.0Redhat Enterprise Linux Desktop Supplementary 5.0Oracle Jdk 1.6.0Oracle Jre 1.6.0Oracle Jre 1.7.0Hp JdkHp Jre
NA
CVE-2013-5895
Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote malicious users to affect confidentiality via unknown vectors related to JavaFX.
Redhat Enterprise Linux Desktop Supplementary 6.0Redhat Enterprise Linux Server Supplementary Aus 6.5Redhat Enterprise Linux Hpc Node Supplementary 6.0Redhat Enterprise Linux Server Supplementary Eus 6.5.zRedhat Enterprise Linux Server Supplementary 6.0Redhat Enterprise Linux Workstation Supplementary 6.0Redhat Enterprise Linux Server Supplementary 5.0Redhat Enterprise Linux Desktop Supplementary 5.0Hp JdkHp JreOracle Jre 1.7.0Oracle Javafx 2.2.45
NA
CVE-2012-1053
The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x prior to 2.6.14 and 2.7.x prior to 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x prior to 2.0.3 does not properly manage group privileges, which allows local users to gain...
Puppet Puppet 2.6.13Puppet Puppet 2.6.5Puppet Puppet 2.6.4Puppet Puppet 2.6.10Puppet Puppet 2.6.9Puppet Puppet 2.6.8Puppet Puppet 2.6.1Puppet Puppet 2.6.0Puppet Puppet 2.6.7Puppet Puppet 2.6.6Puppet Puppet 2.6.12Puppet Puppet 2.6.11Puppet Puppet 2.6.3Puppet Puppet 2.6.2Puppet Puppet 2.7.9Puppet Puppet 2.7.8Puppet Puppet 2.7.4Puppet Puppet 2.7.3Puppet Puppet 2.7.5Puppet Puppet 2.7.2Puppet Puppet 2.7.10Puppetlabs Puppet 2.7.1
NA
CVE-2012-1054
Puppet 2.6.x prior to 2.6.14 and 2.7.x prior to 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x prior to 2.0.3, when managing a user login file with the k5login resource type, allows local users to gain privileges via a symlink attack on .k5login.
Puppet Puppet 2.6.11Puppet Puppet 2.6.10Puppet Puppet 2.6.3Puppet Puppet 2.6.2Puppet Puppet 2.6.7Puppet Puppet 2.6.6Puppet Puppet 2.6.13Puppet Puppet 2.6.12Puppet Puppet 2.6.5Puppet Puppet 2.6.4Puppet Puppet 2.6.9Puppet Puppet 2.6.8Puppet Puppet 2.6.1Puppet Puppet 2.6.0Puppet Puppet 2.7.10Puppet Puppet 2.7.9Puppetlabs Puppet 2.7.0Puppet Puppet 2.7.4Puppet Puppet 2.7.8Puppet Puppet 2.7.7Puppet Puppet 2.7.3Puppet Puppet 2.7.2
NA
CVE-2010-0205
The png_decompress_chunk function in pngrutil.c in libpng 1.0.x prior to 1.0.53, 1.2.x prior to 1.2.43, and 1.4.x prior to 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote malicious...
Libpng LibpngApple Mac Os XFedoraproject Fedora 11Fedoraproject Fedora 12Fedoraproject Fedora 13Opensuse Opensuse 11.0Opensuse Opensuse 11.1Opensuse Opensuse 11.2Suse Linux Enterprise Server 9Suse Linux Enterprise Server 10Suse Linux Enterprise Server 11Canonical Ubuntu Linux 6.06Canonical Ubuntu Linux 8.04Canonical Ubuntu Linux 8.10Canonical Ubuntu Linux 9.04Canonical Ubuntu Linux 9.10Debian Debian Linux 5.0Debian Debian Linux 6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook