Filtered by vendor Redhat
Subscriptions
Filtered by product Rhel Software Collections
Subscriptions
Total
1793 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2014-3482 | 2 Redhat, Rubyonrails | 3 Rhel Software Collections, Rails, Ruby On Rails | 2024-08-06 | N/A |
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 2.x and 3.x before 3.2.19 allows remote attackers to execute arbitrary SQL commands by leveraging improper bitstring quoting. | ||||
CVE-2014-3478 | 3 Christos Zoulas, Php, Redhat | 4 File, Php, Enterprise Linux and 1 more | 2024-08-06 | N/A |
Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion. | ||||
CVE-2014-2669 | 2 Postgresql, Redhat | 3 Postgresql, Cloudforms Managementengine, Rhel Software Collections | 2024-08-06 | N/A |
Multiple integer overflows in contrib/hstore/hstore_io.c in PostgreSQL 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact via vectors related to the (1) hstore_recv, (2) hstore_from_arrays, and (3) hstore_from_array functions in contrib/hstore/hstore_io.c; and the (4) hstoreArrayToPairs function in contrib/hstore/hstore_op.c, which triggers a buffer overflow. NOTE: this issue was SPLIT from CVE-2014-0064 because it has a different set of affected versions. | ||||
CVE-2014-2494 | 5 Debian, Mariadb, Oracle and 2 more | 10 Debian Linux, Mariadb, Mysql and 7 more | 2024-08-06 | N/A |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC. | ||||
CVE-2014-2525 | 3 Opensuse, Pyyaml, Redhat | 6 Leap, Opensuse, Libyaml and 3 more | 2024-08-06 | N/A |
Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file. | ||||
CVE-2014-2497 | 6 Canonical, Debian, Oracle and 3 more | 14 Ubuntu Linux, Debian Linux, Solaris and 11 more | 2024-08-06 | N/A |
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file. | ||||
CVE-2014-2430 | 3 Mariadb, Oracle, Redhat | 11 Mariadb, Mysql, Solaris and 8 more | 2024-08-06 | N/A |
Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema. | ||||
CVE-2014-2438 | 3 Mariadb, Oracle, Redhat | 10 Mariadb, Mysql, Enterprise Linux and 7 more | 2024-08-06 | N/A |
Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication. | ||||
CVE-2014-2436 | 3 Mariadb, Oracle, Redhat | 11 Mariadb, Mysql, Solaris and 8 more | 2024-08-06 | N/A |
Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR. | ||||
CVE-2014-2431 | 3 Mariadb, Oracle, Redhat | 11 Mariadb, Mysql, Solaris and 8 more | 2024-08-06 | N/A |
Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options. | ||||
CVE-2014-2432 | 3 Mariadb, Oracle, Redhat | 11 Mariadb, Mysql, Solaris and 8 more | 2024-08-06 | N/A |
Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated. | ||||
CVE-2014-2419 | 3 Mariadb, Oracle, Redhat | 11 Mariadb, Mysql, Solaris and 8 more | 2024-08-06 | N/A |
Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition. | ||||
CVE-2014-2270 | 6 Canonical, Debian, File Project and 3 more | 7 Ubuntu Linux, Debian Linux, File and 4 more | 2024-08-06 | N/A |
softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable. | ||||
CVE-2014-1912 | 3 Apple, Python, Redhat | 4 Mac Os X, Python, Enterprise Linux and 1 more | 2024-08-06 | N/A |
Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string. | ||||
CVE-2014-1943 | 5 Canonical, Debian, Fine Free File Project and 2 more | 6 Ubuntu Linux, Debian Linux, Fine Free File and 3 more | 2024-08-06 | N/A |
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file. | ||||
CVE-2014-1704 | 2 Google, Redhat | 5 Chrome, V8, Rhel Software Collections and 2 more | 2024-08-06 | N/A |
Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18, as used in Google Chrome before 33.0.1750.149, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||||
CVE-2014-1402 | 2 Pocoo, Redhat | 3 Jinja2, Enterprise Linux, Rhel Software Collections | 2024-08-06 | N/A |
The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with __jinja2_ in /tmp. | ||||
CVE-2014-0420 | 5 Canonical, Debian, Mariadb and 2 more | 10 Ubuntu Linux, Debian Linux, Mariadb and 7 more | 2024-08-06 | N/A |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Replication. | ||||
CVE-2014-0437 | 5 Canonical, Debian, Mariadb and 2 more | 12 Ubuntu Linux, Debian Linux, Mariadb and 9 more | 2024-08-06 | N/A |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. | ||||
CVE-2014-0402 | 5 Canonical, Debian, Mariadb and 2 more | 12 Ubuntu Linux, Debian Linux, Mariadb and 9 more | 2024-08-06 | N/A |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking. |