Summary
| Detail | |||
|---|---|---|---|
| Vendor | Redhat | First view | 1996-07-16 |
| Product | Enterprise Linux | Last view | 2021-06-04 |
| Version | 3 | Type | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5.9 | 2021-06-04 | CVE-2021-3565 | A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentiality. |
| 5.5 | 2021-06-03 | CVE-2021-3569 | A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. This flaw could result in a SIGBUS (bad memory access) and termination of swtpm. The highest threat from this vulnerability is to system availability. |
| 6 | 2021-06-02 | CVE-2020-10742 | A flaw was found in the Linux kernel. An index buffer overflow during Direct IO write leading to the NFS client to crash. In some cases, a reach out of the index after one memory allocation by kmalloc will cause a kernel panic. The highest threat from this vulnerability is to data confidentiality and system availability. |
| 6.7 | 2021-06-01 | CVE-2021-3543 | A flaw null pointer dereference in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor. A local user of a host machine could use this flaw to crash the system or escalate their privileges on the system. |
| 7.8 | 2021-06-01 | CVE-2021-3516 | There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability. |
| 8.8 | 2021-06-01 | CVE-2021-32027 | A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
| 6.7 | 2021-05-28 | CVE-2021-20292 | There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker with a local account with a root privilege, can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. |
| 3.3 | 2021-05-28 | CVE-2021-20239 | A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest threat from this vulnerability is to confidentiality. |
| 9.8 | 2021-05-28 | CVE-2021-20236 | A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. |
| 5.3 | 2021-05-28 | CVE-2021-20201 | A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection. |
| 7.5 | 2021-05-28 | CVE-2020-25710 | A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability. |
| 5.5 | 2021-05-27 | CVE-2021-30501 | An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service (abort) via a crafted file. |
| 7.8 | 2021-05-27 | CVE-2021-30500 | Null pointer dereference was found in upx PackLinuxElf::canUnpack() in p_lx_elf.cpp,in version UPX 4.0.0. That allow attackers to execute arbitrary code and cause a denial of service via a crafted file. |
| 3.3 | 2021-05-27 | CVE-2020-1702 | A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using podman, or OpenShift Container Platform. An attacker can use this flaw to trick a user, with privileges to pull container images, into crashing the process responsible for pulling the image. This flaw affects containers-image versions before 5.2.0. |
| 6.5 | 2021-05-27 | CVE-2020-14301 | An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain. This flaw allows an attacker to access potentially sensitive information in the domain configuration via the `dumpxml` command. |
| 5.5 | 2021-05-26 | CVE-2021-3527 | A flaw was found in the USB redirector device (usb-redir) of QEMU. Small USB packets are combined into a single, large transfer request, to reduce the overhead and improve performance. The combined size of the bulk transfer is used to dynamically allocate a variable length array (VLA) on the stack without proper validation. Since the total size is not bounded, a malicious guest could use this flaw to influence the array length and cause the QEMU process to perform an excessive allocation on the stack, resulting in a denial of service. |
| 5.5 | 2021-05-26 | CVE-2021-30471 | A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree::AddToDictionary function in src/podofo/doc/PdfNamesTree.cpp can lead to a stack overflow. |
| 5.5 | 2021-05-26 | CVE-2021-30470 | A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray(), PdfTokenizer::GetNextVariant() and PdfTokenizer::ReadDataType() functions can lead to a stack overflow. |
| 5.5 | 2021-05-26 | CVE-2021-30469 | A flaw was found in PoDoFo 0.9.7. An use-after-free in PoDoFo::PdfVecObjects::Clear() function can cause a denial of service via a crafted PDF file. |
| 5.5 | 2021-05-26 | CVE-2021-20297 | A flaw was found in NetworkManager in versions before 1.30.0. Setting match.path and activating a profile crashes NetworkManager. The highest threat from this vulnerability is to system availability. |
| 7.5 | 2021-05-21 | CVE-2020-36332 | A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an excessive amount of memory. The highest threat from this vulnerability is to the service availability. |
| 9.1 | 2021-05-21 | CVE-2020-36331 | A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability. |
| 9.1 | 2021-05-21 | CVE-2020-36330 | A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability. |
| 9.8 | 2021-05-21 | CVE-2020-36329 | A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
| 9.8 | 2021-05-21 | CVE-2020-36328 | A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 9% (70) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 8% (60) | CWE-416 | Use After Free |
| 8% (60) | CWE-20 | Improper Input Validation |
| 6% (51) | CWE-200 | Information Exposure |
| 6% (48) | CWE-125 | Out-of-bounds Read |
| 6% (47) | CWE-787 | Out-of-bounds Write |
| 4% (32) | CWE-264 | Permissions, Privileges, and Access Controls |
| 4% (32) | CWE-190 | Integer Overflow or Wraparound |
| 3% (28) | CWE-476 | NULL Pointer Dereference |
| 3% (23) | CWE-399 | Resource Management Errors |
| 3% (23) | CWE-362 | Race Condition |
| 2% (19) | CWE-189 | Numeric Errors |
| 2% (18) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 2% (17) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
| 2% (16) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
| 2% (15) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
| 1% (11) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 1% (10) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
| 1% (8) | CWE-295 | Certificate Issues |
| 1% (8) | CWE-287 | Improper Authentication |
| 0% (7) | CWE-732 | Incorrect Permission Assignment for Critical Resource |
| 0% (7) | CWE-269 | Improper Privilege Management |
| 0% (6) | CWE-369 | Divide By Zero |
| 0% (6) | CWE-254 | Security Features |
| 0% (6) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-6 | Argument Injection |
| CAPEC-15 | Command Delimiters |
| CAPEC-79 | Using Slashes in Alternate Encoding |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:10888 | cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating sys... |
| oval:org.mitre.oval:def:1160 | Safe.PM Unsafe Code Execution Vulnerability |
| oval:org.mitre.oval:def:10736 | The Internet Group Management Protocol (IGMP) allows local users to cause a d... |
| oval:org.mitre.oval:def:664 | Code Execution Vulnerability in XPDF PDF Viewer |
| oval:org.mitre.oval:def:113 | X Display Manager Control Protocol Denial of Service |
| oval:org.mitre.oval:def:129 | GDM X Display Manager Authorization Vulnerability |
| oval:org.mitre.oval:def:387 | C-Media Sound Driver Userspace Access Vulnerability II |
| oval:org.mitre.oval:def:11337 | The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local us... |
| oval:org.mitre.oval:def:9707 | Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.... |
| oval:org.mitre.oval:def:9779 | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to... |
| oval:org.mitre.oval:def:975 | Red Hat OpenSSL do_change_cipher_spec Function Denial of Service |
| oval:org.mitre.oval:def:870 | Red Hat Enterprise 3 OpenSSL do_change_cipher_spec Function Denial of Service |
| oval:org.mitre.oval:def:5770 | Multiple Vendor OpenSSL 0.9.6x, 0.9.7x Null-Pointer DoS Vulnerability |
| oval:org.mitre.oval:def:2621 | OpenSSL Denial of Service Vulnerabilities |
| oval:org.mitre.oval:def:902 | Red Hat OpenSSL Improper Unknown Message Handling Vulnerability |
| oval:org.mitre.oval:def:871 | Red Hat Enterprise 3 OpenSSL Improper Unknown Message Handling Vulnerability |
| oval:org.mitre.oval:def:11755 | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, w... |
| oval:org.mitre.oval:def:846 | Red Hat gdk-pixbuf Denial of Service |
| oval:org.mitre.oval:def:845 | Red Hat Enterprise 3 gdk-pixbuf Denial of Service |
| oval:org.mitre.oval:def:10574 | gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) ... |
| oval:org.mitre.oval:def:9580 | The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when usin... |
| oval:org.mitre.oval:def:928 | Red Hat Enterprise 3 OpenSSL Kerberos Handshake Vulnerability |
| oval:org.mitre.oval:def:1049 | Red Hat OpenSSL Kerberos Handshake Vulnerability |
| oval:org.mitre.oval:def:971 | libpng Malformed PNG Image Vulnerability |
| oval:org.mitre.oval:def:11710 | The Portable Network Graphics library (libpng) 1.0.15 and earlier allows atta... |
SAINT Exploits
| Description | Link |
|---|---|
| libssh authentication bypass | More info here |
| Red Hat DHCP client NetworkManager integration script command injection | More info here |
| Linux Dirty COW Local File Overwrite | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 78302 | Linux Kernel m_stop() Implementation Local DoS |
| 77684 | Linux Kernel OMAP4 Bridge Networking Interface Network Packet Parsing Remote DoS |
| 77571 | Linux Kernel be2net VLAN Packet Parsing Remote DoS |
| 77558 | virt-v2v Guest Conversion VNC Password Local Authentication Bypass |
| 77485 | Linux Kernel /mm/oom_kill.c Local Overflow |
| 77294 | Linux Kernel VLAN 0 Frame Priority Tag Parsing Remote DoS |
| 76805 | Linux Kernel net/core/net_namespace.c Network Namespace Cleanup Weakness Remo... |
| 76058 | Samba mtab Lock File Handling Local DoS |
| 75716 | Linux Kernel Sequence Number Generation Weakness Remote Packet Injection |
| 75714 | Linux Kernel AuerswaldPBX/System Telephone USB Driver Privilege Escalation |
| 75580 | Linux Kernel CIFS Share Mounting DIFS Referral BUG_ON() Remote DoS |
| 75279 | Qemu hw/scsi-disk.c scsi_disk_emulate_command() Function Command Parsing Loca... |
| 74910 | Linux Kernel fs/cifs/cifssmb.c CIFSFindNext() Function Signedness Error CIFS ... |
| 74678 | Linux Kernel IPv6 Fragment Identification Prediction Weakness |
| 74658 | Linux Kernel trigger_scan / sched_scan SSID Length Handling Bypass |
| 74657 | Linux Kernel Packet Scheduler API Implementation tc_fill_qdisc() Function NUL... |
| 74655 | Linux Kernel napi_reuse_skb() Function Crafted VLAN Packet Handling Remote DoS |
| 74646 | ConsoleKit VNC Session is-local Property Handling Remote Privilege Escalation |
| 74150 | Drupal Comment Attachment Access Restriction Bypass |
| 73748 | udisks mount(8) Command Arbitrary Kernel Module Loading |
| 73493 | libpng pngerror.c png_format_buffer() Off-by-one PNG Image Handling Remote DoS |
| 73045 | Linux Kernel drivers/char/agp/generic.c agp_generic_remove_memory Function AG... |
| 73043 | Linux Kernel drivers/char/agp/generic.c Multiple Function Memory Page Call Lo... |
| 73042 | Linux Kernel drivers/char/agp/generic.c agp_generic_insert_memory Function AG... |
| 72541 | Red Hat policycoreutils seunshare sandbox/seunshare.c seunshare_mount Functio... |
ExploitDB Exploits
| id | Description |
|---|---|
| 33894 | Python CGIHTTPServer Encoded Path Traversal |
| 33516 | Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition... |
| 27778 | Samba nttrans Reply - Integer Overflow Vulnerability |
| 24259 | Ethereal 0.x Multiple Unspecified iSNS, SMB and SNMP Protocol Dissector Vulne... |
| 22406 | Konqueror 4.7.3 Memory Corruption |
| 5167 | X.Org xorg-x11-xfs <= 1.0.2-3.1 - Local Race Condition Exploit |
| 4601 | Ubuntu 6.06 DHCPd bug Remote Denial of Service Exploit |
| 718 | Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit |
| 374 | SoX Local Buffer Overflow Exploiter (Via Crafted WAV File) |
OpenVAS Exploits
| id | Description |
|---|---|
| 2014-10-16 | Name : POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability File : nvt/gb_poodel_sslv3_info_disc_vuln.nasl |
| 2013-09-18 | Name : Debian Security Advisory DSA 2439-1 (libpng - buffer overflow) File : nvt/deb_2439_1.nasl |
| 2013-09-18 | Name : Debian Security Advisory DSA 2443-1 (linux-2.6 - privilege escalation/denial ... File : nvt/deb_2443_1.nasl |
| 2013-09-18 | Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities) File : nvt/deb_2581_1.nasl |
| 2012-12-28 | Name : Wireshark Multiple Vulnerabilities-01 Dec 2012 (Mac OS X) File : nvt/gb_wireshark_mult_vuln01_dec12_macosx.nasl |
| 2012-12-27 | Name : VMSA-2012-0018: VMware security updates for vCSA and ESXi File : nvt/gb_VMSA-2012-0018.nasl |
| 2012-12-24 | Name : LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Mac OS X) File : nvt/gb_libreoffice_graphic_object_bof_vuln_macosx.nasl |
| 2012-12-24 | Name : LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Windows) File : nvt/gb_libreoffice_graphic_object_bof_vuln_win.nasl |
| 2012-12-24 | Name : OpenOffice Multiple Buffer Overflow Vulnerabilities - Dec12 (Windows) File : nvt/gb_openoffice_mult_bof_vuln_dec12_win.nasl |
| 2012-12-18 | Name : Fedora Update for kernel FEDORA-2012-20240 File : nvt/gb_fedora_2012_20240_kernel_fc16.nasl |
| 2012-12-18 | Name : Ubuntu Update for glibc USN-1589-2 File : nvt/gb_ubuntu_USN_1589_2.nasl |
| 2012-12-13 | Name : SuSE Update for update openSUSE-SU-2012:0466-1 (update) File : nvt/gb_suse_2012_0466_1.nasl |
| 2012-11-29 | Name : Fedora Update for kernel FEDORA-2012-18691 File : nvt/gb_fedora_2012_18691_kernel_fc16.nasl |
| 2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln02_nov12_win.nasl |
| 2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln03_nov12_win.nasl |
| 2012-11-15 | Name : CentOS Update for mysql CESA-2012:1462 centos6 File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl |
| 2012-11-15 | Name : RedHat Update for mysql RHSA-2012:1462-01 File : nvt/gb_RHSA-2012_1462-01_mysql.nasl |
| 2012-11-09 | Name : CentOS Update for kernel CESA-2012:1426 centos6 File : nvt/gb_CESA-2012_1426_kernel_centos6.nasl |
| 2012-11-09 | Name : RedHat Update for kernel RHSA-2012:1426-01 File : nvt/gb_RHSA-2012_1426-01_kernel.nasl |
| 2012-11-06 | Name : Fedora Update for kernel FEDORA-2012-17479 File : nvt/gb_fedora_2012_17479_kernel_fc16.nasl |
| 2012-11-06 | Name : Ubuntu Update for mysql-5.5 USN-1621-1 File : nvt/gb_ubuntu_USN_1621_1.nasl |
| 2012-11-02 | Name : CentOS Update for kdelibs CESA-2012:1416 centos6 File : nvt/gb_CESA-2012_1416_kdelibs_centos6.nasl |
| 2012-11-02 | Name : CentOS Update for kdelibs CESA-2012:1418 centos6 File : nvt/gb_CESA-2012_1418_kdelibs_centos6.nasl |
| 2012-11-02 | Name : RedHat Update for kdelibs RHSA-2012:1416-01 File : nvt/gb_RHSA-2012_1416-01_kdelibs.nasl |
| 2012-11-02 | Name : RedHat Update for kdelibs RHSA-2012:1418-01 File : nvt/gb_RHSA-2012_1418-01_kdelibs.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0199 | Multiple Vulnerabilities in Apple Mac OS X Severity: Category I - VMSKEY: V0061337 |
| 2015-A-0155 | Multiple Vulnerabilities in Oracle MySQL Product Suite Severity: Category I - VMSKEY: V0061083 |
| 2015-A-0154 | Multiple Vulnerabilities in Oracle Fusion Middleware Severity: Category I - VMSKEY: V0061081 |
| 2015-B-0083 | Multiple Vulnerabilities in IBM Storwize V7000 Unified Severity: Category I - VMSKEY: V0060983 |
| 2015-A-0115 | QEMU Virtual Floppy Drive Controller (FDC) Buffer Overflow Vulnerability Severity: Category II - VMSKEY: V0060741 |
| 2015-A-0113 | Multiple Vulnerabilities in Juniper Networks CTPOS Severity: Category I - VMSKEY: V0060737 |
| 2015-A-0112 | Oracle Linux & Virtualization Buffer Overflow Vulnerability Severity: Category I - VMSKEY: V0060735 |
| 2015-A-0042 | Samba Remote Code Execution Vulnerability Severity: Category I - VMSKEY: V0058919 |
| 2015-A-0038 | Multiple Vulnerabilities in GNU C Library (glibc) Severity: Category I - VMSKEY: V0058753 |
| 2015-B-0012 | Multiple Vulnerabilities in VMware ESXi 5.0 Severity: Category I - VMSKEY: V0058517 |
| 2015-B-0013 | Multiple Vulnerabilities in VMware ESXi 5.1 Severity: Category I - VMSKEY: V0058515 |
| 2015-B-0014 | Multiple Vulnerabilities in VMware ESXi 5.5 Severity: Category I - VMSKEY: V0058513 |
| 2014-A-0172 | Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform Severity: Category I - VMSKEY: V0057381 |
| 2014-B-0105 | Samba Remote Code Execution Severity: Category I - VMSKEY: V0053637 |
| 2014-B-0103 | Multiple Vulnerabilities in VMware Horizon View Client Severity: Category I - VMSKEY: V0053509 |
| 2014-B-0102 | Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.5 Severity: Category I - VMSKEY: V0053507 |
| 2014-B-0101 | Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.1 Severity: Category I - VMSKEY: V0053505 |
| 2014-A-0115 | Multiple Vulnerabilities in VMware Horizon View Severity: Category I - VMSKEY: V0053501 |
| 2014-B-0097 | Multiple Vulnerabilities in VMware ESXi 5.0 Severity: Category I - VMSKEY: V0053319 |
| 2014-A-0099 | Multiple Vulnerabilities in McAfee Email Gateway Severity: Category I - VMSKEY: V0053203 |
| 2014-A-0100 | Multiple Vulnerabilities in McAfee VirusScan Enterprise for Linux Severity: Category I - VMSKEY: V0053201 |
| 2014-A-0103 | Multiple Vulnerabilities in Oracle E-Business Severity: Category I - VMSKEY: V0053195 |
| 2014-A-0105 | Multiple Vulnerabilities in Oracle Java Severity: Category I - VMSKEY: V0053191 |
| 2014-A-0109 | Multiple Vulnerabilities in VMware Fusion Severity: Category I - VMSKEY: V0053183 |
| 2014-A-0110 | Multiple Vulnerabilities in VMware Player Severity: Category I - VMSKEY: V0053181 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2020-02-25 | OpenSSL anonymous ECDH denial of service attempt RuleID : 52626 - Type : SERVER-OTHER - Revision : 1 |
| 2020-02-25 | OpenSSL anonymous ECDH denial of service attempt RuleID : 52625 - Type : SERVER-OTHER - Revision : 1 |
| 2020-01-21 | OpenSSL SSL ChangeCipherSpec man-in-the-middle attempt RuleID : 52487 - Type : SERVER-OTHER - Revision : 1 |
| 2020-01-14 | MySQL/MariaDB Server geometry query envelope object integer overflow attempt RuleID : 52423 - Type : SERVER-MYSQL - Revision : 1 |
| 2019-12-10 | Libmspack cabd_sys_read_block off-by-one heap overflow attempt RuleID : 52133 - Type : FILE-OTHER - Revision : 2 |
| 2019-12-10 | Libmspack cabd_sys_read_block off-by-one heap overflow attempt RuleID : 52132 - Type : FILE-OTHER - Revision : 2 |
| 2019-12-03 | PostgreSQL SCRAM authentication stack buffer overflow attempt RuleID : 52039 - Type : SERVER-OTHER - Revision : 1 |
| 2019-12-03 | PostgreSQL SCRAM authentication stack buffer overflow attempt RuleID : 52038 - Type : SERVER-OTHER - Revision : 1 |
| 2019-10-25 | Red Hat NetworkManager DHCP client command injection attempt RuleID : 52022-community - Type : OS-LINUX - Revision : 1 |
| 2019-11-26 | Red Hat NetworkManager DHCP client command injection attempt RuleID : 52022 - Type : OS-LINUX - Revision : 1 |
| 2019-11-03 | HAProxy H2 Frame heap memory corruption attempt RuleID : 51725 - Type : SERVER-WEBAPP - Revision : 1 |
| 2019-09-26 | Google Android Kernel local denial of service attempt RuleID : 51291 - Type : OS-MOBILE - Revision : 1 |
| 2019-09-26 | Google Android Kernel local denial of service attempt RuleID : 51290 - Type : OS-MOBILE - Revision : 1 |
| 2019-09-10 | nfs-utils TCP connection termination denial-of-service attempt RuleID : 50913 - Type : SERVER-OTHER - Revision : 1 |
| 2019-08-31 | Postfix IPv6 Relaying Security Issue RuleID : 50859 - Type : SERVER-MAIL - Revision : 1 |
| 2019-03-19 | Multiple products runc arbitrary code execution attempt RuleID : 49195 - Type : SERVER-OTHER - Revision : 2 |
| 2018-05-30 | Red Hat NetworkManager DHCP client command injection attempt RuleID : 46847-community - Type : OS-LINUX - Revision : 1 |
| 2018-07-03 | Red Hat NetworkManager DHCP client command injection attempt RuleID : 46847 - Type : OS-LINUX - Revision : 1 |
| 2018-02-20 | Mozilla Firefox HTTP index format out of bounds read attempt RuleID : 45476 - Type : BROWSER-FIREFOX - Revision : 2 |
| 2018-01-17 | Mozilla Firefox buffer overflow attempt RuleID : 45172 - Type : BROWSER-FIREFOX - Revision : 1 |
| 2018-01-17 | Mozilla Firefox buffer overflow attempt RuleID : 45171 - Type : BROWSER-FIREFOX - Revision : 1 |
| 2017-12-19 | ISC BIND 9 DNS rdata length handling remote denial of service attempt RuleID : 44879 - Type : SERVER-OTHER - Revision : 1 |
| 2017-11-30 | MySQL/MariaDB Server geometry query integer overflow attempt RuleID : 44674 - Type : SERVER-MYSQL - Revision : 2 |
| 2017-10-24 | PHP form-based file upload DoS attempt RuleID : 44390 - Type : SERVER-WEBAPP - Revision : 2 |
| 2017-08-29 | Sun Solaris dhcpd malformed bootp denial of service attempt RuleID : 43752 - Type : SERVER-OTHER - Revision : 2 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2019-01-18 | Name: The remote Debian host is missing a security update. File: debian_DLA-1635.nasl - Type: ACT_GATHER_INFO |
| 2019-01-17 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2019-509c133845.nasl - Type: ACT_GATHER_INFO |
| 2019-01-17 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2019-f812c9fb22.nasl - Type: ACT_GATHER_INFO |
| 2019-01-16 | Name: The remote Fedora host is missing a security update. File: fedora_2019-f6ff819834.nasl - Type: ACT_GATHER_INFO |
| 2019-01-11 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZA-2018-089.nasl - Type: ACT_GATHER_INFO |
| 2019-01-10 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2019-1143.nasl - Type: ACT_GATHER_INFO |
| 2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_183R1.nasl - Type: ACT_GATHER_INFO |
| 2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_184R1.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-06090dff59.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-0b038c7047.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-0ddef94854.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-111044d435.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-1c1a318a0b.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-23ca7a6798.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-2735a12b72.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-28f30efaf6.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-2c965abb15.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-319b9d0f68.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-327707371e.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-381ab64b59.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2018-3857a8b41a.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-42eab0f5b9.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-4e660226e7.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-537c8312fc.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-56221eb24b.nasl - Type: ACT_GATHER_INFO |
