Filtered by vendor Redhat Subscriptions
Filtered by product Enterprise Linux Desktop Subscriptions
Total 1947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2017-2633 2 Qemu, Redhat 8 Qemu, Enterprise Linux, Enterprise Linux Desktop and 5 more 2024-11-21 N/A
An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the 'vnc_refresh_server_surface'. A user inside a guest could use this flaw to crash the QEMU process.
CVE-2017-2628 2 Haxx, Redhat 5 Curl, Enterprise Linux, Enterprise Linux Desktop and 2 more 2024-11-21 N/A
curl, as shipped in Red Hat Enterprise Linux 6 before version 7.19.7-53, did not correctly backport the fix for CVE-2015-3148 because it did not reflect the fact that the HAVE_GSSAPI define was meanwhile substituted by USE_HTTP_NEGOTIATE. This issue was introduced in RHEL 6.7 and affects RHEL 6 curl only.
CVE-2017-2626 2 Freedesktop, Redhat 7 Libice, Enterprise Linux, Enterprise Linux Desktop and 4 more 2024-11-21 N/A
It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list.
CVE-2017-2625 2 Redhat, X.org 7 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Server and 4 more 2024-11-21 N/A
It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions.
CVE-2017-2620 5 Citrix, Debian, Qemu and 2 more 12 Xenserver, Debian Linux, Qemu and 9 more 2024-11-21 N/A
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.
CVE-2017-2618 3 Debian, Linux, Redhat 10 Debian Linux, Linux Kernel, Enterprise Linux and 7 more 2024-11-21 N/A
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory.
CVE-2017-2616 3 Debian, Redhat, Util-linux Project 8 Debian Linux, Enterprise Linux, Enterprise Linux Desktop and 5 more 2024-11-21 N/A
A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.
CVE-2017-2615 5 Citrix, Debian, Qemu and 2 more 12 Xenserver, Debian Linux, Qemu and 9 more 2024-11-21 N/A
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host.
CVE-2017-2590 2 Freeipa, Redhat 7 Freeipa, Enterprise Linux, Enterprise Linux Desktop and 4 more 2024-11-21 N/A
A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys.
CVE-2017-18344 3 Canonical, Linux, Redhat 16 Ubuntu Linux, Linux Kernel, Enterprise Linux and 13 more 2024-11-21 N/A
The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows userspace applications to read arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE).
CVE-2017-18267 4 Canonical, Debian, Freedesktop and 1 more 8 Ubuntu Linux, Debian Linux, Poppler and 5 more 2024-11-21 N/A
The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops.
CVE-2017-18017 9 Arista, Canonical, Debian and 6 more 33 Eos, Ubuntu Linux, Debian Linux and 30 more 2024-11-21 9.8 Critical
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.
CVE-2017-17833 5 Canonical, Debian, Lenovo and 2 more 62 Ubuntu Linux, Debian Linux, Bm Nextscale Fan Power Controller and 59 more 2024-11-21 N/A
OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.
CVE-2017-17405 3 Debian, Redhat, Ruby-lang 13 Debian Linux, Enterprise Linux, Enterprise Linux Desktop and 10 more 2024-11-21 N/A
Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernel#open to open a local file. If the localfile argument starts with the "|" pipe character, the command following the pipe character is executed. The default value of localfile is File.basename(remotefile), so malicious FTP servers could cause arbitrary command execution.
CVE-2017-16997 2 Gnu, Redhat 5 Glibc, Enterprise Linux, Enterprise Linux Desktop and 2 more 2024-11-21 N/A
elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the "./" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.
CVE-2017-16541 5 Apple, Debian, Linux and 2 more 11 Macos, Debian Linux, Linux Kernel and 8 more 2024-11-21 6.5 Medium
Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected.
CVE-2017-15906 5 Debian, Netapp, Openbsd and 2 more 23 Debian Linux, Active Iq Unified Manager, Cloud Backup and 20 more 2024-11-21 5.3 Medium
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
CVE-2017-15705 4 Apache, Canonical, Debian and 1 more 8 Spamassassin, Ubuntu Linux, Debian Linux and 5 more 2024-11-21 N/A
A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. The vulnerability arises with certain unclosed tags in emails that cause markup to be handled incorrectly leading to scan timeouts. In Apache SpamAssassin, using HTML::Parser, we setup an object and hook into the begin and end tag event handlers In both cases, the "open" event is immediately followed by a "close" event - even if the tag *does not* close in the HTML being parsed. Because of this, we are missing the "text" event to deal with the object normally. This can cause carefully crafted emails that might take more scan time than expected leading to a Denial of Service. The issue is possibly a bug or design decision in HTML::Parser that specifically impacts the way Apache SpamAssassin uses the module with poorly formed html. The exploit has been seen in the wild but not believed to have been purposefully part of a Denial of Service attempt. We are concerned that there may be attempts to abuse the vulnerability in the future.
CVE-2017-15429 3 Debian, Google, Redhat 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more 2024-11-21 N/A
Inappropriate implementation in V8 WebAssembly JS bindings in Google Chrome prior to 63.0.3239.108 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
CVE-2017-15427 3 Debian, Google, Redhat 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more 2024-11-21 N/A
Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar.