This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Redhat First view 2010-11-16
Product Enterprise Linux Server Eus Last view 2022-08-22
Version Type
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:* 347
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:* 278
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:* 258
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:* 174
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:* 84
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:* 58
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:* 47
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:* 33
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.3:*:*:*:*:*:*:* 21
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:* 21
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:* 16
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6:*:*:*:*:*:*:* 12
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7.z:*:*:*:*:*:*:* 10
cpe:2.3:o:redhat:enterprise_linux_server_eus:8.1:*:*:*:*:*:*:* 7
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.2:*:*:*:*:*:*:* 6
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.2.z:*:*:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux_server_eus:5.6:*:*:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5.z:*:*:*:*:*:*:* 2
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.4.z:*:*:*:*:*:*:* 2
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.4:*:*:*:*:*:*:* 2
cpe:2.3:o:redhat:enterprise_linux_server_eus:8.4:*:*:*:*:*:*:* 2
cpe:2.3:o:redhat:enterprise_linux_server_eus:8.6:*:*:*:*:*:*:* 2
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.1.z:*:*:*:*:*:*:* 1
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.3.z:*:*:*:*:*:*:* 1
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6z:*:*:*:*:*:*:* 1

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
5.5 2022-08-22 CVE-2021-3659

A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.

5.5 2022-03-04 CVE-2021-3744

A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.

7.8 2022-01-28 CVE-2021-4034

A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.

8.2 2021-03-03 CVE-2021-20233

A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

6.7 2021-03-03 CVE-2021-20225

A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

7.5 2021-03-03 CVE-2020-27779

A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

6.7 2021-03-03 CVE-2020-27749

A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload, it is possible to overflow the stack buffer, corrupt the stack frame and control execution which could also circumvent Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

7.6 2021-03-03 CVE-2020-25647

A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read with very little bounds checking and assumes the USB device is providing sane values. If properly exploited, an attacker could trigger memory corruption leading to arbitrary code execution allowing a bypass of the Secure Boot mechanism. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

8.2 2021-03-03 CVE-2020-25632

A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

7.5 2021-03-03 CVE-2020-14372

A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity, as well as system availability.

8.8 2020-02-08 CVE-2012-4512

The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion."

7.8 2020-01-31 CVE-2014-8141

Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.

7.8 2020-01-31 CVE-2014-8140

Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.

7.8 2020-01-31 CVE-2014-8139

Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.

6.5 2020-01-14 CVE-2015-3147

daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports from /var/spool/abrt-upload, allows local users to write to arbitrary files or possibly have other unspecified impact via a symlink attack on (1) /var/spool/abrt or (2) /var/tmp/abrt.

7.8 2020-01-14 CVE-2014-7844

BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address.

9.8 2019-12-06 CVE-2019-5544

OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.

7.8 2019-11-27 CVE-2019-10216

In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.

7.8 2019-11-14 CVE-2019-0155

Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8 2019-11-04 CVE-2017-5333

Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.

7.8 2019-11-04 CVE-2017-5332

The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.

9.8 2019-09-06 CVE-2019-14813

A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.

5.5 2019-09-03 CVE-2019-1125

An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073.

7.5 2019-08-02 CVE-2019-10171

It was found that the fix for CVE-2018-14648 in 389-ds-base, versions 1.4.0.x before 1.4.0.17, was incorrectly applied in RHEL 7.5. An attacker would still be able to provoke excessive CPU consumption leading to a denial of service.

7.8 2019-08-02 CVE-2019-10168

The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.

CWE : Common Weakness Enumeration

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
16% (84) CWE-416 Use After Free
15% (77) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
9% (47) CWE-20 Improper Input Validation
9% (46) CWE-787 Out-of-bounds Write
6% (32) CWE-125 Out-of-bounds Read
5% (29) CWE-200 Information Exposure
4% (23) CWE-190 Integer Overflow or Wraparound
2% (12) CWE-362 Race Condition
1% (8) CWE-704 Incorrect Type Conversion or Cast
1% (7) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
1% (7) CWE-189 Numeric Errors
1% (7) CWE-94 Failure to Control Generation of Code ('Code Injection')
1% (6) CWE-476 NULL Pointer Dereference
1% (6) CWE-264 Permissions, Privileges, and Access Controls
1% (6) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
0% (5) CWE-399 Resource Management Errors
0% (5) CWE-346 Origin Validation Error
0% (5) CWE-284 Access Control (Authorization) Issues
0% (5) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
0% (5) CWE-59 Improper Link Resolution Before File Access ('Link Following')
0% (4) CWE-732 Incorrect Permission Assignment for Critical Resource
0% (4) CWE-617 Reachable Assertion
0% (4) CWE-287 Improper Authentication
0% (4) CWE-269 Improper Privilege Management
0% (4) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:13253 USN-1016-1 -- libxml2 vulnerability
oval:org.mitre.oval:def:12709 DSA-2128-1 libxml2 -- invalid memory access
oval:org.mitre.oval:def:12148 Vulnerability in libxml2 in Google Chrome before 7.0.517.44
oval:org.mitre.oval:def:19711 VMware ESXi and ESX updates to third party library and ESX Service Console
oval:org.mitre.oval:def:20485 VMware ESXi and ESX updates to third party library and ESX Service Console
oval:org.mitre.oval:def:14410 Double free vulnerability in libxml2, as used in Google Chrome before 14.0.83...
oval:org.mitre.oval:def:27147 RHSA-2011:1749 -- libxml2 security and bug fix update (Low)
oval:org.mitre.oval:def:27942 ELSA-2011-1749 -- libxml2 security and bug fix update (low)
oval:org.mitre.oval:def:27925 DEPRECATED: ELSA-2012-0017 -- libxml2 security update (important)
oval:org.mitre.oval:def:14761 libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers...
oval:org.mitre.oval:def:21409 RHSA-2012:0018: libxml2 security update (Important)
oval:org.mitre.oval:def:21164 RHSA-2012:0017: libxml2 security update (Important)
oval:org.mitre.oval:def:15446 USN-1334-1 -- libxml2 vulnerabilities
oval:org.mitre.oval:def:15165 DSA-2394-1 libxml2 -- several
oval:org.mitre.oval:def:14504 Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.9...
oval:org.mitre.oval:def:23538 ELSA-2012:0018: libxml2 security update (Important)
oval:org.mitre.oval:def:23214 ELSA-2012:0017: libxml2 security update (Important)
oval:org.mitre.oval:def:27976 DEPRECATED: ELSA-2012-0018 -- libxml2 security update (important)
oval:org.mitre.oval:def:20792 RHSA-2012:0407: libpng security update (Moderate)
oval:org.mitre.oval:def:15482 USN-1402-1 -- libpng vulnerability
oval:org.mitre.oval:def:15399 DSA-2439-1 libpng -- buffer overflow
oval:org.mitre.oval:def:14763 Integer signedness error in pngrutil.c in libpng before 1.4.10beta01, as used...
oval:org.mitre.oval:def:23751 ELSA-2012:0407: libpng security update (Moderate)
oval:org.mitre.oval:def:23137 DEPRECATED: ELSA-2012:0407: libpng security update (Moderate)
oval:org.mitre.oval:def:27682 DEPRECATED: ELSA-2012-0407 -- libpng security update (moderate)

SAINT Exploits

Description Link
Polkit pkexec privilege elevation More info here

Open Source Vulnerability Database (OSVDB)

id Description
78148 Google Chrome libxml2 parser.c xmlStringLenDecodeEntities() Function Remote O...
77707 Google Chrome libxml Out-of-bounds Read Remote DoS
75560 Google Chrome Double-free libxml XPath Handling Remote Code Execution
74654 Linux Kernel EFI GUID Partition Table (GPT) Implementation Crafted Partition ...
70950 Linux Kernel fs/xfs/xfs_fsops.c xfs_fs_geometry() Local Memory Disclosure
69205 libxml2 Crafted XML File XPath Axis Traversal DoS

ExploitDB Exploits

id Description
33516 Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition...
32998 Heartbleed OpenSSL - Information Leak Exploit (2) - DTLS Support
32791 Heartbleed OpenSSL - Information Leak Exploit (1)
32764 OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS ...
32745 OpenSSL TLS Heartbeat Extension - Memory Disclosure
22406 Konqueror 4.7.3 Memory Corruption

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-09-18 Name : Debian Security Advisory DSA 2427-1 (imagemagick - several vulnerabilities)
File : nvt/deb_2427_1.nasl
2013-09-18 Name : Debian Security Advisory DSA 2439-1 (libpng - buffer overflow)
File : nvt/deb_2439_1.nasl
2013-09-18 Name : Debian Security Advisory DSA 2462-2 (imagemagick - several vulnerabilities)
File : nvt/deb_2462_2.nasl
2013-09-18 Name : Debian Security Advisory DSA 2553-1 (iceweasel - several vulnerabilities)
File : nvt/deb_2553_1.nasl
2012-12-24 Name : LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Mac OS X)
File : nvt/gb_libreoffice_graphic_object_bof_vuln_macosx.nasl
2012-12-24 Name : LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Windows)
File : nvt/gb_libreoffice_graphic_object_bof_vuln_win.nasl
2012-12-24 Name : OpenOffice Multiple Buffer Overflow Vulnerabilities - Dec12 (Windows)
File : nvt/gb_openoffice_mult_bof_vuln_dec12_win.nasl
2012-12-13 Name : SuSE Update for update openSUSE-SU-2012:0466-1 (update)
File : nvt/gb_suse_2012_0466_1.nasl
2012-12-13 Name : SuSE Update for MozillaFirefox openSUSE-SU-2012:1064-1 (MozillaFirefox)
File : nvt/gb_suse_2012_1064_1.nasl
2012-11-16 Name : Debian Security Advisory DSA 2572-1 (iceape)
File : nvt/deb_2572_1.nasl
2012-11-15 Name : CentOS Update for mysql CESA-2012:1462 centos6
File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl
2012-11-15 Name : RedHat Update for mysql RHSA-2012:1462-01
File : nvt/gb_RHSA-2012_1462-01_mysql.nasl
2012-11-02 Name : CentOS Update for kdelibs CESA-2012:1416 centos6
File : nvt/gb_CESA-2012_1416_kdelibs_centos6.nasl
2012-11-02 Name : CentOS Update for kdelibs CESA-2012:1418 centos6
File : nvt/gb_CESA-2012_1418_kdelibs_centos6.nasl
2012-11-02 Name : RedHat Update for kdelibs RHSA-2012:1416-01
File : nvt/gb_RHSA-2012_1416-01_kdelibs.nasl
2012-11-02 Name : RedHat Update for kdelibs RHSA-2012:1418-01
File : nvt/gb_RHSA-2012_1418-01_kdelibs.nasl
2012-10-13 Name : Debian Security Advisory DSA 2556-1 (icedove)
File : nvt/deb_2556_1.nasl
2012-10-03 Name : Debian Security Advisory DSA 2554-1 (iceape)
File : nvt/deb_2554_1.nasl
2012-10-03 Name : Fedora Update for libxml2 FEDORA-2012-13824
File : nvt/gb_fedora_2012_13824_libxml2_fc16.nasl
2012-10-03 Name : Ubuntu Update for thunderbird USN-1551-2
File : nvt/gb_ubuntu_USN_1551_2.nasl
2012-10-03 Name : Gentoo Security Advisory GLSA 201209-24 (PostgreSQL)
File : nvt/glsa_201209_24.nasl
2012-09-27 Name : CentOS Update for kernel CESA-2012:1304 centos6
File : nvt/gb_CESA-2012_1304_kernel_centos6.nasl
2012-09-27 Name : RedHat Update for kernel RHSA-2012:1304-01
File : nvt/gb_RHSA-2012_1304-01_kernel.nasl
2012-09-27 Name : Fedora Update for libxml2 FEDORA-2012-13820
File : nvt/gb_fedora_2012_13820_libxml2_fc17.nasl
2012-09-26 Name : Gentoo Security Advisory GLSA 201209-05 (libreoffice)
File : nvt/glsa_201209_05.nasl

Information Assurance Vulnerability Management (IAVM)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2015-A-0202 Citrix XenServer Information Disclosure Vulnerability
Severity: Category I - VMSKEY: V0061343
2015-A-0199 Multiple Vulnerabilities in Apple Mac OS X
Severity: Category I - VMSKEY: V0061337
2015-A-0155 Multiple Vulnerabilities in Oracle MySQL Product Suite
Severity: Category I - VMSKEY: V0061083
2014-A-0064 Multiple Vulnerabilities in Mozilla Products
Severity: Category I - VMSKEY: V0050011
2014-A-0063 Multiple Vulnerabilities in McAfee VirusScan Enterprise for Linux
Severity: Category I - VMSKEY: V0050009
2014-A-0062 Multiple Vulnerabilities In McAfee Email Gateway
Severity: Category I - VMSKEY: V0050005
2014-B-0050 McAfee Web Gateway Information Disclosure Vulnerability
Severity: Category I - VMSKEY: V0050003
2014-B-0046 Multiple Vulnerabilities in HP System Management Homepage (SMH)
Severity: Category I - VMSKEY: V0049737
2014-A-0058 Multiple Vulnerabilities in Oracle & Sun Systems Product Suite
Severity: Category I - VMSKEY: V0049579
2014-A-0057 Multiple Vulnerabilities in Oracle MySQL Products
Severity: Category I - VMSKEY: V0049591
2014-A-0053 Multiple Vulnerabilities in Juniper Network JUNOS
Severity: Category I - VMSKEY: V0049589
2014-A-0054 Multiple Vulnerabilities in Oracle Database
Severity: Category I - VMSKEY: V0049587
2014-A-0055 Multiple Vulnerabilities in Oracle Fusion Middleware
Severity: Category I - VMSKEY: V0049585
2014-A-0056 Multiple Vulnerabilities in Oracle Java SE
Severity: Category I - VMSKEY: V0049583
2014-B-0041 Multiple Vulnerabilities in Splunk
Severity: Category I - VMSKEY: V0049577
2014-B-0042 Stunnel Information Disclosure Vulnerability
Severity: Category I - VMSKEY: V0049575
2014-A-0051 OpenSSL Information Disclosure Vulnerability
Severity: Category I - VMSKEY: V0048667
2014-A-0043 Multiple Vulnerabilities in Mozilla Products
Severity: Category I - VMSKEY: V0046769
2014-A-0021 Multiple Vulnerabilities in Mozilla Products
Severity: Category I - VMSKEY: V0043921
2014-A-0017 Multiple Vulnerabilities in Cisco TelePresence Video Communication Server
Severity: Category I - VMSKEY: V0043846
2014-A-0019 Multiple Vulnerabilities in VMware Fusion
Severity: Category I - VMSKEY: V0043844
2013-A-0233 Multiple Vulnerabilities in Mozilla Products
Severity: Category I - VMSKEY: V0042596
2013-A-0222 Multiple Vulnerabilties in VMware Workstation
Severity: Category II - VMSKEY: V0042383
2012-A-0153 Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0
Severity: Category I - VMSKEY: V0033884
2012-A-0104 Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client
Severity: Category I - VMSKEY: V0033046

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2020-01-07 LibVNCServer file transfer extension heap buffer overflow attempt
RuleID : 52397 - Type : SERVER-OTHER - Revision : 1
2020-01-07 LibVNCServer file transfer extension heap buffer overflow attempt
RuleID : 52396 - Type : SERVER-OTHER - Revision : 1
2020-01-07 LibVNCServer file transfer extension heap buffer overflow attempt
RuleID : 52395 - Type : SERVER-OTHER - Revision : 1
2020-01-07 LibVNCServer file transfer extension heap buffer overflow attempt
RuleID : 52394 - Type : SERVER-OTHER - Revision : 1
2020-01-07 LibVNCServer file transfer extension heap buffer overflow attempt
RuleID : 52393 - Type : SERVER-OTHER - Revision : 1
2020-01-03 ISC BIND deny-answer-aliases denial of service attempt
RuleID : 52344 - Type : SERVER-OTHER - Revision : 1
2020-01-03 ISC BIND deny-answer-aliases denial of service attempt
RuleID : 52343 - Type : SERVER-OTHER - Revision : 1
2019-11-19 Ghostscript -dSAFER sandbox bypass attempt
RuleID : 51945 - Type : FILE-OTHER - Revision : 1
2019-10-08 Mozilla Firefox Custom Elements write-after-free attempt
RuleID : 51440 - Type : BROWSER-FIREFOX - Revision : 1
2019-10-08 Mozilla Firefox Custom Elements write-after-free attempt
RuleID : 51439 - Type : BROWSER-FIREFOX - Revision : 1
2019-04-30 Unix systemd-journald memory corruption attempt
RuleID : 49618 - Type : FILE-OTHER - Revision : 1
2019-04-30 Unix systemd-journald memory corruption attempt
RuleID : 49617 - Type : FILE-OTHER - Revision : 1
2019-03-05 Ghostscript PostScript remote code execution attempt
RuleID : 49086 - Type : FILE-OTHER - Revision : 1
2019-03-05 Ghostscript PostScript remote code execution attempt
RuleID : 49085 - Type : FILE-OTHER - Revision : 1
2019-01-17 Mozilla Firefox method array.prototype.push remote code execution attempt
RuleID : 48626 - Type : BROWSER-FIREFOX - Revision : 2
2019-01-17 Mozilla Firefox method array.prototype.push remote code execution attempt
RuleID : 48625 - Type : BROWSER-FIREFOX - Revision : 2
2019-01-10 Mozilla Firefox javascript type confusion code execution attempt
RuleID : 48565 - Type : BROWSER-FIREFOX - Revision : 1
2019-01-10 Mozilla Firefox javascript type confusion code execution attempt
RuleID : 48564 - Type : BROWSER-FIREFOX - Revision : 1
2018-12-07 out-of-bounds write attempt with malicious MAR file detected
RuleID : 48296 - Type : FILE-OTHER - Revision : 2
2018-12-07 out-of-bounds write attempt with malicious MAR file detected
RuleID : 48295 - Type : FILE-OTHER - Revision : 2
2018-11-10 libvorbis VORBIS audio data out of bounds write attempt
RuleID : 48106 - Type : FILE-MULTIMEDIA - Revision : 1
2018-11-10 libvorbis VORBIS audio data out of bounds write attempt
RuleID : 48105 - Type : FILE-MULTIMEDIA - Revision : 1
2018-10-25 Ghostscript -dSAFER sandbox bypass attempt
RuleID : 47882 - Type : FILE-OTHER - Revision : 1
2018-09-18 LibreOffice WEBSERVICE arbitrary file disclosure attempt
RuleID : 47566 - Type : FILE-OFFICE - Revision : 1
2018-09-18 LibreOffice WEBSERVICE arbitrary file disclosure attempt
RuleID : 47565 - Type : FILE-OFFICE - Revision : 1

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-17 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2019-0059.nasl - Type: ACT_GATHER_INFO
2019-01-16 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2019-0049.nasl - Type: ACT_GATHER_INFO
2019-01-16 Name: The remote Fedora host is missing a security update.
File: fedora_2019-348547a32d.nasl - Type: ACT_GATHER_INFO
2019-01-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4367.nasl - Type: ACT_GATHER_INFO
2019-01-14 Name: The remote Fedora host is missing a security update.
File: fedora_2019-18b3a10c7f.nasl - Type: ACT_GATHER_INFO
2019-01-11 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZA-2018-072.nasl - Type: ACT_GATHER_INFO
2019-01-11 Name: The remote Virtuozzo host is missing multiple security updates.
File: Virtuozzo_VZA-2018-075.nasl - Type: ACT_GATHER_INFO
2019-01-11 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZA-2018-077.nasl - Type: ACT_GATHER_INFO
2019-01-11 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZA-2018-085.nasl - Type: ACT_GATHER_INFO
2019-01-11 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZA-2018-086.nasl - Type: ACT_GATHER_INFO
2019-01-11 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZA-2018-088.nasl - Type: ACT_GATHER_INFO
2019-01-10 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2019-1139.nasl - Type: ACT_GATHER_INFO
2019-01-10 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2019-1141.nasl - Type: ACT_GATHER_INFO
2019-01-10 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2019-1144.nasl - Type: ACT_GATHER_INFO
2019-01-10 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa10917_183R1.nasl - Type: ACT_GATHER_INFO
2019-01-10 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa10917_184R1.nasl - Type: ACT_GATHER_INFO
2019-01-08 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2019-1002.nasl - Type: ACT_GATHER_INFO
2019-01-08 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2019-1004.nasl - Type: ACT_GATHER_INFO
2019-01-08 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2019-1012.nasl - Type: ACT_GATHER_INFO
2019-01-08 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2019-1013.nasl - Type: ACT_GATHER_INFO
2019-01-07 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2019-0022.nasl - Type: ACT_GATHER_INFO
2019-01-07 Name: The remote Fedora host is missing a security update.
File: fedora_2019-859384e002.nasl - Type: ACT_GATHER_INFO
2019-01-07 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_546d4dd410ea11e9b407080027ef1a23.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-00e90783d2.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-05acd3c734.nasl - Type: ACT_GATHER_INFO