Filtered by vendor Redhat Subscriptions
Filtered by product Ansible Tower Subscriptions
Total 130 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-14681 5 Cabextract, Cabextract Project, Canonical and 2 more 9 Libmspack, Cabextract, Ubuntu Linux and 6 more 2024-08-05 N/A
An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite.
CVE-2018-14647 6 Canonical, Debian, Fedoraproject and 3 more 15 Ubuntu Linux, Debian Linux, Fedora and 12 more 2024-08-05 7.5 High
Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming large amounts CPU and RAM. The vulnerability exists in Python versions 3.7.0, 3.6.0 through 3.6.6, 3.5.0 through 3.5.6, 3.4.0 through 3.4.9, 2.7.0 through 2.7.15.
CVE-2018-14682 5 Cabextract, Cabextract Project, Canonical and 2 more 9 Libmspack, Cabextract, Ubuntu Linux and 6 more 2024-08-05 N/A
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression.
CVE-2018-14618 4 Canonical, Debian, Haxx and 1 more 6 Ubuntu Linux, Debian Linux, Libcurl and 3 more 2024-08-05 N/A
curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)
CVE-2018-14567 4 Canonical, Debian, Redhat and 1 more 5 Ubuntu Linux, Debian Linux, Ansible Tower and 2 more 2024-08-05 N/A
libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.
CVE-2018-14404 4 Canonical, Debian, Redhat and 1 more 6 Ubuntu Linux, Debian Linux, Ansible Tower and 3 more 2024-08-05 N/A
A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.
CVE-2018-13988 4 Canonical, Debian, Freedesktop and 1 more 9 Ubuntu Linux, Debian Linux, Poppler and 6 more 2024-08-05 N/A
Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable when a victim opens a specially crafted PDF file.
CVE-2018-12910 5 Canonical, Debian, Gnome and 2 more 10 Ubuntu Linux, Debian Linux, Libsoup and 7 more 2024-08-05 N/A
The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname.
CVE-2018-12697 3 Canonical, Gnu, Redhat 4 Ubuntu Linux, Binutils, Ansible Tower and 1 more 2024-08-05 N/A
A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.
CVE-2018-12641 2 Gnu, Redhat 3 Binutils, Ansible Tower, Enterprise Linux 2024-08-05 N/A
An issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_arm_hp_template, demangle_class_name, demangle_fund_type, do_type, do_arg, demangle_args, and demangle_nested_args. This can occur during execution of nm-new.
CVE-2018-12404 2 Mozilla, Redhat 3 Network Security Services, Ansible Tower, Enterprise Linux 2024-08-05 N/A
A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41.
CVE-2018-10884 1 Redhat 1 Ansible Tower 2024-08-05 N/A
Ansible Tower before versions 3.1.8 and 3.2.6 is vulnerable to cross-site request forgery (CSRF) in awx/api/authentication.py. An attacker could exploit this by tricking already authenticated users into visiting a malicious site and hijacking the authtoken cookie.
CVE-2018-10768 4 Canonical, Debian, Freedesktop and 1 more 8 Ubuntu Linux, Debian Linux, Poppler and 5 more 2024-08-05 N/A
There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected.
CVE-2018-10767 2 Gnome, Redhat 6 Libgxps, Ansible Tower, Enterprise Linux and 3 more 2024-08-05 N/A
There is a stack-based buffer over-read in calling GLib in the function gxps_images_guess_content_type of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a g_input_stream_read call. A crafted input will lead to a remote denial of service attack.
CVE-2018-10733 3 Gnome, Opensuse, Redhat 7 Libgxps, Leap, Ansible Tower and 4 more 2024-08-05 N/A
There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c in libgxps through 0.3.0. A crafted input will lead to a remote denial of service attack.
CVE-2018-10360 4 Canonical, File Project, Opensuse and 1 more 9 Ubuntu Linux, File, Leap and 6 more 2024-08-05 N/A
The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
CVE-2018-5818 3 Debian, Libraw, Redhat 4 Debian Linux, Libraw, Ansible Tower and 1 more 2024-08-05 N/A
An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to trigger an infinite loop.
CVE-2018-1122 4 Canonical, Debian, Procps-ng Project and 1 more 9 Ubuntu Linux, Debian Linux, Procps-ng and 6 more 2024-08-05 N/A
procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.
CVE-2018-1061 5 Canonical, Debian, Fedoraproject and 2 more 14 Ubuntu Linux, Debian Linux, Fedora and 11 more 2024-08-05 N/A
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.
CVE-2018-1060 5 Canonical, Debian, Fedoraproject and 2 more 14 Ubuntu Linux, Debian Linux, Fedora and 11 more 2024-08-05 7.5 High
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.