Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat enterprise linux 5 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3825
pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and previous versions, when the existing_ticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable t...
Redhat Enterprise Linux 5
Redhat Enterprise Linux Desktop 5
NA
CVE-2008-1767
Buffer overflow in pattern.c in libxslt prior to 1.1.24 allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large ...
Redhat Enterprise Linux 3.0
Redhat Enterprise Linux Desktop Workstation 5
Redhat Linux Advanced Workstation 2.1
Redhat Desktop 3
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux Desktop 4
Redhat Enterprise Linux Desktop 5
Redhat Enterprise Linux 5.0
1 EDB exploit
NA
CVE-2008-1951
Untrusted search path vulnerability in a certain Red Hat build script for Standards Based Linux Instrumentation for Manageability (sblim) libraries prior to 1-13a.el4_6.1 in Red Hat Enterprise Linux (RHEL) 4, and prior to 1-31.el5_2.1 in RHEL 5, allows local users to gain privile...
Redhat Enterprise Linux 4
Redhat Enterprise Linux 5
NA
CVE-2012-2124
functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote malicious users to cause a denial of service (disk consumption) by making many IMAP login attempts with diff...
Redhat Enterprise Linux 4
Squirrelmail Squirrelmail -
Redhat Enterprise Linux 5
NA
CVE-2013-4342
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote malicious users to gain privileges by leveraging another vulnerability in a service.
Xinetd Xinetd -
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5
NA
CVE-2012-3359
Luci in Red Hat Conga stores the user's username and password in a Base64 encoded string in the __ac session cookie, which allows malicious users to gain privileges by accessing this cookie. NOTE: this issue has been SPLIT due to different vulnerability types. Use CVE-2013-7...
Redhat Conga
Redhat Enterprise Linux 5
NA
CVE-2013-7347
Luci in Red Hat Conga does not properly enforce the user session timeout, which might allow malicious users to gain access to the session by reading the __ac session cookie. NOTE: this issue has been SPLIT due to different vulnerability types. Use CVE-2012-3359 for the base64-enc...
Redhat Enterprise Linux 5
Redhat Conga
NA
CVE-2013-4282
Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote malicious users to cause a denial of service (crash) via a long password in a SPICE ticket.
Spice Project Spice 0.12.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Virtualization 3.0
Redhat Enterprise Linux 5
NA
CVE-2012-2697
Unspecified vulnerability in autofs, as used in Red Hat Enterprise Linux (RHEL) 5, allows local users to cause a denial of service (autofs crash and delayed mounts) or prevent "mount expiration" via unspecified vectors related to "using an LDAP-based automount map....
Redhat Enterprise Linux 5
NA
CVE-2011-1576
The Generic Receive Offload (GRO) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5 and 2.6.32 on Red Hat Enterprise Linux 6, as used in Red Hat Enterprise Virtualization (RHEV) Hypervisor and other products, allows remote malicious users to cause a denial o...
Linux Linux Kernel 2.6.18
Redhat Enterprise Linux 5
Redhat Enterprise Linux 6.0
Redhat Enterprise Virtualization Hypervisor
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »