Filtered by vendor Redhat
Subscribe
Total
5752 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-5077 | 5 Apple, Google, Linux and 2 more | 8 Macos, Android, Chrome and 5 more | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| Insufficient validation of untrusted input in Skia in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | |||||
| CVE-2017-1000111 | 3 Debian, Linux, Redhat | 9 Debian Linux, Linux Kernel, Enterprise Linux and 6 more | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW. | |||||
| CVE-2023-3640 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-15 | N/A | 7.0 HIGH |
| A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. Based on the previous CVE-2023-0597, the 'Randomize per-cpu entry area' feature was implemented in /arch/x86/mm/cpu_entry_area.c, which works through the init_cea_offsets() function when KASLR is enabled. However, despite this feature, there is still a risk of per-cpu entry area leaks. This issue could allow a local user to gain access to some important data with memory in an expected location and potentially escalate their privileges on the system. | |||||
| CVE-2018-1000156 | 4 Canonical, Debian, Gnu and 1 more | 9 Ubuntu Linux, Debian Linux, Patch and 6 more | 2025-04-14 | 6.8 MEDIUM | 7.8 HIGH |
| GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time. | |||||
| CVE-2022-4130 | 1 Redhat | 1 Satellite | 2025-04-14 | N/A | 4.5 MEDIUM |
| A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server. | |||||
| CVE-2022-4144 | 3 Fedoraproject, Qemu, Redhat | 4 Extra Packages For Enterprise Linux, Fedora, Qemu and 1 more | 2025-04-14 | N/A | 6.5 MEDIUM |
| An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing a denial of service condition. | |||||
| CVE-2015-5260 | 4 Canonical, Debian, Redhat and 1 more | 9 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 6 more | 2025-04-12 | 7.2 HIGH | 7.8 HIGH |
| Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter. | |||||
| CVE-2016-3727 | 2 Jenkins, Redhat | 2 Jenkins, Openshift | 2025-04-12 | 4.0 MEDIUM | 4.3 MEDIUM |
| The API URL computer/(master)/api/xml in Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users with extended read permission for the master node to obtain sensitive information about the global configuration via unspecified vectors. | |||||
| CVE-2015-4756 | 2 Oracle, Redhat | 2 Mysql, Enterprise Linux | 2025-04-12 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-0439. | |||||
| CVE-2016-5403 | 5 Canonical, Debian, Oracle and 2 more | 13 Ubuntu Linux, Debian Linux, Linux and 10 more | 2025-04-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion. | |||||
| CVE-2016-1682 | 6 Canonical, Debian, Google and 3 more | 9 Ubuntu Linux, Debian Linux, Chrome and 6 more | 2025-04-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| The ServiceWorkerContainer::registerServiceWorkerImpl function in WebKit/Source/modules/serviceworkers/ServiceWorkerContainer.cpp in Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a ServiceWorker registration. | |||||
| CVE-2015-2787 | 4 Apple, Opensuse, Php and 1 more | 9 Mac Os X, Opensuse, Php and 6 more | 2025-04-12 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231. | |||||
| CVE-2015-1281 | 4 Debian, Google, Opensuse and 1 more | 7 Debian Linux, Chrome, Opensuse and 4 more | 2025-04-12 | 4.3 MEDIUM | N/A |
| core/loader/ImageLoader.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly determine the V8 context of a microtask, which allows remote attackers to bypass Content Security Policy (CSP) restrictions by providing an image from an unintended source. | |||||
| CVE-2014-8114 | 1 Redhat | 1 Uberfire | 2025-04-12 | 6.8 MEDIUM | N/A |
| The UberFire Framework 0.3.x does not properly restrict paths, which allows remote attackers to (1) execute arbitrary code by uploading crafted content to FileUploadServlet or (2) read arbitrary files via vectors involving FileDownloadServlet. | |||||
| CVE-2016-4122 | 8 Adobe, Apple, Google and 5 more | 14 Flash Player, Flash Player Desktop Runtime, Mac Os X and 11 more | 2025-04-12 | 9.3 HIGH | 8.8 HIGH |
| Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. | |||||
| CVE-2014-7849 | 1 Redhat | 1 Jboss Enterprise Application Platform | 2025-04-12 | 4.0 MEDIUM | N/A |
| The Role Based Access Control (RBAC) implementation in JBoss Enterprise Application Platform (EAP) 6.2.0 through 6.3.2 does not properly verify authorization conditions, which allows remote authenticated users to add, modify, and undefine otherwise restricted attributes by leveraging the Maintainer role. | |||||
| CVE-2015-3041 | 7 Adobe, Apple, Linux and 4 more | 11 Flash Player, Mac Os X, Linux Kernel and 8 more | 2025-04-12 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3042, and CVE-2015-3043. | |||||
| CVE-2015-3244 | 1 Redhat | 1 Jboss Enterprise Portal Platform | 2025-04-12 | 4.9 MEDIUM | N/A |
| The Portlet Bridge for JavaServer Faces in Red Hat JBoss Portal 6.2.0, when used in portlets with the default resource serving for GenericPortlet, does not properly restrict access to restricted resources, which allows remote attackers to obtain sensitive information via a URL with a modified resource ID. | |||||
| CVE-2016-1660 | 3 Google, Opensuse, Redhat | 6 Chrome, Opensuse, Enterprise Linux Desktop Supplementary and 3 more | 2025-04-12 | 6.8 MEDIUM | 8.8 HIGH |
| Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site. | |||||
| CVE-2013-6493 | 1 Redhat | 1 Icedtea-web | 2025-04-12 | 2.1 LOW | N/A |
| The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp. | |||||