Filtered by vendor Redhat Subscriptions
Filtered by product Ansible Tower Subscriptions
Total 130 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-1000876 3 Canonical, Gnu, Redhat 7 Ubuntu Linux, Binutils, Ansible Tower and 4 more 2024-08-05 7.8 High
binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.
CVE-2018-1000805 4 Canonical, Debian, Paramiko and 1 more 15 Ubuntu Linux, Debian Linux, Paramiko and 12 more 2024-08-05 8.8 High
Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.
CVE-2018-20852 2 Python, Redhat 4 Python, Ansible Tower, Enterprise Linux and 1 more 2024-08-05 N/A
http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostname as a suffix (e.g., pythonicexample.com to steal cookies for example.com). When a program uses http.cookiejar.DefaultPolicy and tries to do an HTTP connection to an attacker-controlled server, existing cookies can be leaked to the attacker. This affects 2.x through 2.7.16, 3.x before 3.4.10, 3.5.x before 3.5.7, 3.6.x before 3.6.9, and 3.7.x before 3.7.3.
CVE-2018-20217 3 Debian, Mit, Redhat 4 Debian Linux, Kerberos, Ansible Tower and 1 more 2024-08-05 5.3 Medium
A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.
CVE-2018-20060 3 Fedoraproject, Python, Redhat 4 Fedora, Urllib3, Ansible Tower and 1 more 2024-08-05 N/A
urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.
CVE-2018-18521 5 Canonical, Debian, Elfutils Project and 2 more 9 Ubuntu Linux, Debian Linux, Elfutils and 6 more 2024-08-05 5.5 Medium
Divide-by-zero vulnerabilities in the function arlib_add_symbols() in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by eu-ranlib, because a zero sh_entsize is mishandled.
CVE-2018-18520 5 Canonical, Debian, Elfutils Project and 2 more 9 Ubuntu Linux, Debian Linux, Elfutils and 6 more 2024-08-05 6.5 Medium
An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file.
CVE-2018-18310 5 Canonical, Debian, Elfutils Project and 2 more 9 Ubuntu Linux, Debian Linux, Elfutils and 6 more 2024-08-05 5.5 Medium
An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by consider_notes.
CVE-2018-18074 4 Canonical, Opensuse, Python and 1 more 8 Ubuntu Linux, Leap, Requests and 5 more 2024-08-05 7.5 High
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.
CVE-2018-17456 4 Canonical, Debian, Git-scm and 1 more 12 Ubuntu Linux, Debian Linux, Git and 9 more 2024-08-05 N/A
Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.
CVE-2018-16888 4 Canonical, Netapp, Redhat and 1 more 6 Ubuntu Linux, Active Iq Performance Analytics Services, Element Software and 3 more 2024-08-05 4.7 Medium
It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the PIDFile of the mentioned service may use this flaw to trick systemd into killing other services and/or privileged processes. Versions before v237 are vulnerable.
CVE-2018-16879 1 Redhat 1 Ansible Tower 2024-08-05 9.8 Critical
Ansible Tower before version 3.3.3 does not set a secure channel as it is using the default insecure configuration channel settings for messaging celery workers from RabbitMQ. This could lead in data leak of sensitive information such as passwords as well as denial of service attacks by deleting projects or inventory files.
CVE-2018-16842 4 Canonical, Debian, Haxx and 1 more 6 Ubuntu Linux, Debian Linux, Curl and 3 more 2024-08-05 N/A
Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.
CVE-2018-16866 5 Canonical, Debian, Netapp and 2 more 26 Ubuntu Linux, Debian Linux, Active Iq Performance Analytics Services and 23 more 2024-08-05 3.3 Low
An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.
CVE-2018-16837 3 Debian, Redhat, Suse 6 Debian Linux, Ansible Engine, Ansible Tower and 3 more 2024-08-05 N/A
Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.
CVE-2018-16403 2 Elfutils Project, Redhat 3 Elfutils, Ansible Tower, Enterprise Linux 2024-08-05 N/A
libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c, leading to a heap-based buffer over-read and an application crash.
CVE-2018-16402 5 Canonical, Debian, Elfutils Project and 2 more 10 Ubuntu Linux, Debian Linux, Elfutils and 7 more 2024-08-05 9.8 Critical
libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice.
CVE-2018-16062 5 Canonical, Debian, Elfutils Project and 2 more 9 Ubuntu Linux, Debian Linux, Elfutils and 6 more 2024-08-05 5.5 Medium
dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.
CVE-2018-14679 5 Cabextract, Cabextract Project, Canonical and 2 more 9 Libmspack, Cabextract, Ubuntu Linux and 6 more 2024-08-05 N/A
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference and application crash).
CVE-2018-14680 5 Cabextract, Cabextract Project, Canonical and 2 more 9 Libmspack, Cabextract, Ubuntu Linux and 6 more 2024-08-05 N/A
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames.