Filtered by vendor Redhat Subscriptions
Filtered by product Enterprise Linux Desktop Subscriptions
Total 1947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2012-1972 6 Canonical, Debian, Mozilla and 3 more 16 Ubuntu Linux, Debian Linux, Firefox and 13 more 2024-11-21 N/A
Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVE-2012-1970 6 Canonical, Debian, Mozilla and 3 more 16 Ubuntu Linux, Debian Linux, Firefox and 13 more 2024-11-21 N/A
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2012-1938 4 Mozilla, Opensuse, Redhat and 1 more 14 Firefox, Seamonkey, Thunderbird and 11 more 2024-11-21 N/A
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components.
CVE-2012-1823 8 Apple, Debian, Fedoraproject and 5 more 20 Mac Os X, Debian Linux, Fedora and 17 more 2024-11-21 9.8 Critical
sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.
CVE-2012-1798 4 Debian, Imagemagick, Opensuse and 1 more 11 Debian Linux, Imagemagick, Opensuse and 8 more 2024-11-21 6.5 Medium
The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.
CVE-2012-1734 3 Mariadb, Oracle, Redhat 7 Mariadb, Mysql, Enterprise Linux and 4 more 2024-11-21 N/A
Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
CVE-2012-1723 2 Oracle, Redhat 10 Jdk, Jre, Enterprise Linux and 7 more 2024-11-21 9.8 Critical
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
CVE-2012-1717 5 Linux, Oracle, Redhat and 2 more 23 Linux Kernel, Jdk, Jre and 20 more 2024-11-21 N/A
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux.
CVE-2012-1705 4 Canonical, Mariadb, Oracle and 1 more 8 Ubuntu Linux, Mariadb, Mysql and 5 more 2024-11-21 N/A
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
CVE-2012-1703 3 Mariadb, Oracle, Redhat 8 Mariadb, Mysql, Enterprise Linux and 5 more 2024-11-21 N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1690.
CVE-2012-1702 4 Canonical, Mariadb, Oracle and 1 more 8 Ubuntu Linux, Mariadb, Mysql and 5 more 2024-11-21 N/A
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.
CVE-2012-1690 3 Mariadb, Oracle, Redhat 7 Mariadb, Mysql, Enterprise Linux and 4 more 2024-11-21 N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1703.
CVE-2012-1689 3 Mariadb, Oracle, Redhat 7 Mariadb, Mysql, Enterprise Linux and 4 more 2024-11-21 N/A
Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
CVE-2012-1688 3 Mariadb, Oracle, Redhat 7 Mariadb, Mysql, Enterprise Linux and 4 more 2024-11-21 N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.
CVE-2012-1535 7 Adobe, Apple, Linux and 4 more 10 Flash Player, Mac Os X, Linux Kernel and 7 more 2024-11-21 7.8 High
Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted SWF content, as exploited in the wild in August 2012 with SWF content in a Word document.
CVE-2012-1149 5 Apache, Debian, Fedoraproject and 2 more 10 Openoffice.org, Debian Linux, Fedora and 7 more 2024-11-21 N/A
Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow.
CVE-2012-0876 6 Canonical, Debian, Libexpat Project and 3 more 15 Ubuntu Linux, Debian Linux, Libexpat and 12 more 2024-11-21 N/A
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value.
CVE-2012-0867 4 Debian, Opensuse Project, Postgresql and 1 more 11 Debian Linux, Opensuse, Postgresql and 8 more 2024-11-21 N/A
PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters.
CVE-2012-0574 4 Canonical, Mariadb, Oracle and 1 more 8 Ubuntu Linux, Mariadb, Mysql and 5 more 2024-11-21 N/A
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors.
CVE-2012-0572 4 Canonical, Mariadb, Oracle and 1 more 8 Ubuntu Linux, Mariadb, Mysql and 5 more 2024-11-21 N/A
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.