Summary
Detail | |||
---|---|---|---|
Vendor | Redhat | First view | 1996-07-16 |
Product | Enterprise Linux | Last view | 2021-02-11 |
Version | 3 | Type | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7 | 2021-02-11 | CVE-2021-20188 | A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correctly checked. This flaw can be abused by a low-privileged user inside the container to access any other file in the container, even if owned by the root user inside the container. It does not allow to directly escape the container, though being a privileged container means that a lot of security features are disabled when running the container. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
4.9 | 2021-01-26 | CVE-2020-35513 | A flaw incorrect umask during file or directory modification in the Linux kernel NFS (network file system) functionality was found in the way user create and delete object using NFSv4.2 or newer if both simultaneously accessing the NFS by the other process that is not using new NFSv4.2. A user with access to the NFS could use this flaw to starve the resources causing denial of service. |
5.5 | 2021-01-04 | CVE-2020-35507 | There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. |
9.8 | 2020-12-21 | CVE-2020-27846 | A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. |
6.7 | 2020-12-15 | CVE-2020-27777 | A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel. |
7.8 | 2020-12-15 | CVE-2020-25712 | A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
5.7 | 2020-12-11 | CVE-2020-27825 | A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat. |
7.8 | 2020-12-11 | CVE-2020-27786 | A flaw was found in the Linux kernels implementation of MIDI, where an attacker with a local account and the permissions to issue an ioctl commands to midi devices, could trigger a use-after-free. A write to this specific memory while freed and before use could cause the flow of execution to change and possibly allow for memory corruption or privilege escalation. |
7.5 | 2020-12-08 | CVE-2020-25692 | A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service. |
7.5 | 2020-12-06 | CVE-2020-29573 | sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of "Fixed for glibc 2.33" in the 26649 reference. |
3.3 | 2020-12-04 | CVE-2020-27776 | A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0. |
3.3 | 2020-12-04 | CVE-2020-27775 | A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0. |
3.3 | 2020-12-04 | CVE-2020-27774 | A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of a too large shift for 64-bit type `ssize_t`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0. |
3.3 | 2020-12-04 | CVE-2020-27773 | A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` or division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0. |
3.3 | 2020-12-04 | CVE-2020-27772 | A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned int`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0. |
3.3 | 2020-12-04 | CVE-2020-27771 | In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the range of representable for the unsigned char type. The patch casts the return value of GetPixelIndex() to ssize_t type to avoid this bug. This undefined behavior could be triggered when ImageMagick processes a crafted pdf file. Red Hat Product Security marked this as Low severity because although it could potentially lead to an impact to application availability, no specific impact was demonstrated in this case. This flaw affects ImageMagick versions prior to 7.0.9-0. |
3.3 | 2020-12-04 | CVE-2020-27767 | A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of types `float` and `unsigned char`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0. |
3.3 | 2020-12-04 | CVE-2020-27765 | A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0. |
6.1 | 2020-12-03 | CVE-2020-27783 | A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code. |
7.5 | 2020-12-03 | CVE-2020-27778 | A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would crash the application causing a denial of service. |
7.8 | 2020-12-03 | CVE-2020-14351 | A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
8.8 | 2020-12-03 | CVE-2020-14339 | A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of their standard permissions, potentially causing serious damage to the host operating system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. |
4.3 | 2020-12-03 | CVE-2020-14318 | A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker. |
4.1 | 2020-12-02 | CVE-2020-25656 | A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality. |
6.5 | 2020-12-02 | CVE-2020-14383 | A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative attacker to crash it again as soon as it returns. The Samba DNS server itself will continue to operate, but many RPC services will not. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
9% (60) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
8% (54) | CWE-20 | Improper Input Validation |
7% (49) | CWE-416 | Use After Free |
7% (47) | CWE-200 | Information Exposure |
6% (40) | CWE-787 | Out-of-bounds Write |
5% (38) | CWE-125 | Out-of-bounds Read |
4% (32) | CWE-264 | Permissions, Privileges, and Access Controls |
4% (30) | CWE-190 | Integer Overflow or Wraparound |
3% (23) | CWE-399 | Resource Management Errors |
3% (22) | CWE-476 | NULL Pointer Dereference |
3% (22) | CWE-362 | Race Condition |
2% (19) | CWE-189 | Numeric Errors |
2% (17) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
2% (15) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
2% (13) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
1% (11) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
1% (9) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
1% (8) | CWE-295 | Certificate Issues |
1% (8) | CWE-287 | Improper Authentication |
1% (7) | CWE-732 | Incorrect Permission Assignment for Critical Resource |
1% (7) | CWE-269 | Improper Privilege Management |
1% (7) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
0% (6) | CWE-254 | Security Features |
0% (5) | CWE-310 | Cryptographic Issues |
0% (5) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-6 | Argument Injection |
CAPEC-15 | Command Delimiters |
CAPEC-79 | Using Slashes in Alternate Encoding |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:10888 | cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating sys... |
oval:org.mitre.oval:def:1160 | Safe.PM Unsafe Code Execution Vulnerability |
oval:org.mitre.oval:def:10736 | The Internet Group Management Protocol (IGMP) allows local users to cause a d... |
oval:org.mitre.oval:def:664 | Code Execution Vulnerability in XPDF PDF Viewer |
oval:org.mitre.oval:def:113 | X Display Manager Control Protocol Denial of Service |
oval:org.mitre.oval:def:129 | GDM X Display Manager Authorization Vulnerability |
oval:org.mitre.oval:def:387 | C-Media Sound Driver Userspace Access Vulnerability II |
oval:org.mitre.oval:def:11337 | The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local us... |
oval:org.mitre.oval:def:9707 | Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.... |
oval:org.mitre.oval:def:9779 | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to... |
oval:org.mitre.oval:def:975 | Red Hat OpenSSL do_change_cipher_spec Function Denial of Service |
oval:org.mitre.oval:def:870 | Red Hat Enterprise 3 OpenSSL do_change_cipher_spec Function Denial of Service |
oval:org.mitre.oval:def:5770 | Multiple Vendor OpenSSL 0.9.6x, 0.9.7x Null-Pointer DoS Vulnerability |
oval:org.mitre.oval:def:2621 | OpenSSL Denial of Service Vulnerabilities |
oval:org.mitre.oval:def:902 | Red Hat OpenSSL Improper Unknown Message Handling Vulnerability |
oval:org.mitre.oval:def:871 | Red Hat Enterprise 3 OpenSSL Improper Unknown Message Handling Vulnerability |
oval:org.mitre.oval:def:11755 | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, w... |
oval:org.mitre.oval:def:846 | Red Hat gdk-pixbuf Denial of Service |
oval:org.mitre.oval:def:845 | Red Hat Enterprise 3 gdk-pixbuf Denial of Service |
oval:org.mitre.oval:def:10574 | gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) ... |
oval:org.mitre.oval:def:9580 | The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when usin... |
oval:org.mitre.oval:def:928 | Red Hat Enterprise 3 OpenSSL Kerberos Handshake Vulnerability |
oval:org.mitre.oval:def:1049 | Red Hat OpenSSL Kerberos Handshake Vulnerability |
oval:org.mitre.oval:def:971 | libpng Malformed PNG Image Vulnerability |
oval:org.mitre.oval:def:11710 | The Portable Network Graphics library (libpng) 1.0.15 and earlier allows atta... |
SAINT Exploits
Description | Link |
---|---|
Linux Dirty COW Local File Overwrite | More info here |
Red Hat DHCP client NetworkManager integration script command injection | More info here |
libssh authentication bypass | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
78302 | Linux Kernel m_stop() Implementation Local DoS |
77684 | Linux Kernel OMAP4 Bridge Networking Interface Network Packet Parsing Remote DoS |
77571 | Linux Kernel be2net VLAN Packet Parsing Remote DoS |
77558 | virt-v2v Guest Conversion VNC Password Local Authentication Bypass |
77485 | Linux Kernel /mm/oom_kill.c Local Overflow |
77294 | Linux Kernel VLAN 0 Frame Priority Tag Parsing Remote DoS |
76805 | Linux Kernel net/core/net_namespace.c Network Namespace Cleanup Weakness Remo... |
76058 | Samba mtab Lock File Handling Local DoS |
75716 | Linux Kernel Sequence Number Generation Weakness Remote Packet Injection |
75714 | Linux Kernel AuerswaldPBX/System Telephone USB Driver Privilege Escalation |
75580 | Linux Kernel CIFS Share Mounting DIFS Referral BUG_ON() Remote DoS |
75279 | Qemu hw/scsi-disk.c scsi_disk_emulate_command() Function Command Parsing Loca... |
74910 | Linux Kernel fs/cifs/cifssmb.c CIFSFindNext() Function Signedness Error CIFS ... |
74678 | Linux Kernel IPv6 Fragment Identification Prediction Weakness |
74658 | Linux Kernel trigger_scan / sched_scan SSID Length Handling Bypass |
74657 | Linux Kernel Packet Scheduler API Implementation tc_fill_qdisc() Function NUL... |
74655 | Linux Kernel napi_reuse_skb() Function Crafted VLAN Packet Handling Remote DoS |
74646 | ConsoleKit VNC Session is-local Property Handling Remote Privilege Escalation |
74150 | Drupal Comment Attachment Access Restriction Bypass |
73748 | udisks mount(8) Command Arbitrary Kernel Module Loading |
73493 | libpng pngerror.c png_format_buffer() Off-by-one PNG Image Handling Remote DoS |
73045 | Linux Kernel drivers/char/agp/generic.c agp_generic_remove_memory Function AG... |
73043 | Linux Kernel drivers/char/agp/generic.c Multiple Function Memory Page Call Lo... |
73042 | Linux Kernel drivers/char/agp/generic.c agp_generic_insert_memory Function AG... |
72541 | Red Hat policycoreutils seunshare sandbox/seunshare.c seunshare_mount Functio... |
ExploitDB Exploits
id | Description |
---|---|
33894 | Python CGIHTTPServer Encoded Path Traversal |
33516 | Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition... |
27778 | Samba nttrans Reply - Integer Overflow Vulnerability |
24259 | Ethereal 0.x Multiple Unspecified iSNS, SMB and SNMP Protocol Dissector Vulne... |
22406 | Konqueror 4.7.3 Memory Corruption |
5167 | X.Org xorg-x11-xfs <= 1.0.2-3.1 - Local Race Condition Exploit |
4601 | Ubuntu 6.06 DHCPd bug Remote Denial of Service Exploit |
718 | Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit |
374 | SoX Local Buffer Overflow Exploiter (Via Crafted WAV File) |
OpenVAS Exploits
id | Description |
---|---|
2014-10-16 | Name : POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability File : nvt/gb_poodel_sslv3_info_disc_vuln.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2439-1 (libpng - buffer overflow) File : nvt/deb_2439_1.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2443-1 (linux-2.6 - privilege escalation/denial ... File : nvt/deb_2443_1.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities) File : nvt/deb_2581_1.nasl |
2012-12-28 | Name : Wireshark Multiple Vulnerabilities-01 Dec 2012 (Mac OS X) File : nvt/gb_wireshark_mult_vuln01_dec12_macosx.nasl |
2012-12-27 | Name : VMSA-2012-0018: VMware security updates for vCSA and ESXi File : nvt/gb_VMSA-2012-0018.nasl |
2012-12-24 | Name : LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Mac OS X) File : nvt/gb_libreoffice_graphic_object_bof_vuln_macosx.nasl |
2012-12-24 | Name : LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Windows) File : nvt/gb_libreoffice_graphic_object_bof_vuln_win.nasl |
2012-12-24 | Name : OpenOffice Multiple Buffer Overflow Vulnerabilities - Dec12 (Windows) File : nvt/gb_openoffice_mult_bof_vuln_dec12_win.nasl |
2012-12-18 | Name : Fedora Update for kernel FEDORA-2012-20240 File : nvt/gb_fedora_2012_20240_kernel_fc16.nasl |
2012-12-18 | Name : Ubuntu Update for glibc USN-1589-2 File : nvt/gb_ubuntu_USN_1589_2.nasl |
2012-12-13 | Name : SuSE Update for update openSUSE-SU-2012:0466-1 (update) File : nvt/gb_suse_2012_0466_1.nasl |
2012-11-29 | Name : Fedora Update for kernel FEDORA-2012-18691 File : nvt/gb_fedora_2012_18691_kernel_fc16.nasl |
2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln02_nov12_win.nasl |
2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln03_nov12_win.nasl |
2012-11-15 | Name : CentOS Update for mysql CESA-2012:1462 centos6 File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl |
2012-11-15 | Name : RedHat Update for mysql RHSA-2012:1462-01 File : nvt/gb_RHSA-2012_1462-01_mysql.nasl |
2012-11-09 | Name : CentOS Update for kernel CESA-2012:1426 centos6 File : nvt/gb_CESA-2012_1426_kernel_centos6.nasl |
2012-11-09 | Name : RedHat Update for kernel RHSA-2012:1426-01 File : nvt/gb_RHSA-2012_1426-01_kernel.nasl |
2012-11-06 | Name : Fedora Update for kernel FEDORA-2012-17479 File : nvt/gb_fedora_2012_17479_kernel_fc16.nasl |
2012-11-06 | Name : Ubuntu Update for mysql-5.5 USN-1621-1 File : nvt/gb_ubuntu_USN_1621_1.nasl |
2012-11-02 | Name : CentOS Update for kdelibs CESA-2012:1416 centos6 File : nvt/gb_CESA-2012_1416_kdelibs_centos6.nasl |
2012-11-02 | Name : CentOS Update for kdelibs CESA-2012:1418 centos6 File : nvt/gb_CESA-2012_1418_kdelibs_centos6.nasl |
2012-11-02 | Name : RedHat Update for kdelibs RHSA-2012:1416-01 File : nvt/gb_RHSA-2012_1416-01_kdelibs.nasl |
2012-11-02 | Name : RedHat Update for kdelibs RHSA-2012:1418-01 File : nvt/gb_RHSA-2012_1418-01_kdelibs.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2015-A-0199 | Multiple Vulnerabilities in Apple Mac OS X Severity: Category I - VMSKEY: V0061337 |
2015-A-0155 | Multiple Vulnerabilities in Oracle MySQL Product Suite Severity: Category I - VMSKEY: V0061083 |
2015-A-0154 | Multiple Vulnerabilities in Oracle Fusion Middleware Severity: Category I - VMSKEY: V0061081 |
2015-B-0083 | Multiple Vulnerabilities in IBM Storwize V7000 Unified Severity: Category I - VMSKEY: V0060983 |
2015-A-0115 | QEMU Virtual Floppy Drive Controller (FDC) Buffer Overflow Vulnerability Severity: Category II - VMSKEY: V0060741 |
2015-A-0113 | Multiple Vulnerabilities in Juniper Networks CTPOS Severity: Category I - VMSKEY: V0060737 |
2015-A-0112 | Oracle Linux & Virtualization Buffer Overflow Vulnerability Severity: Category I - VMSKEY: V0060735 |
2015-A-0042 | Samba Remote Code Execution Vulnerability Severity: Category I - VMSKEY: V0058919 |
2015-A-0038 | Multiple Vulnerabilities in GNU C Library (glibc) Severity: Category I - VMSKEY: V0058753 |
2015-B-0012 | Multiple Vulnerabilities in VMware ESXi 5.0 Severity: Category I - VMSKEY: V0058517 |
2015-B-0013 | Multiple Vulnerabilities in VMware ESXi 5.1 Severity: Category I - VMSKEY: V0058515 |
2015-B-0014 | Multiple Vulnerabilities in VMware ESXi 5.5 Severity: Category I - VMSKEY: V0058513 |
2014-A-0172 | Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform Severity: Category I - VMSKEY: V0057381 |
2014-B-0105 | Samba Remote Code Execution Severity: Category I - VMSKEY: V0053637 |
2014-B-0103 | Multiple Vulnerabilities in VMware Horizon View Client Severity: Category I - VMSKEY: V0053509 |
2014-B-0102 | Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.5 Severity: Category I - VMSKEY: V0053507 |
2014-B-0101 | Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.1 Severity: Category I - VMSKEY: V0053505 |
2014-A-0115 | Multiple Vulnerabilities in VMware Horizon View Severity: Category I - VMSKEY: V0053501 |
2014-B-0097 | Multiple Vulnerabilities in VMware ESXi 5.0 Severity: Category I - VMSKEY: V0053319 |
2014-A-0099 | Multiple Vulnerabilities in McAfee Email Gateway Severity: Category I - VMSKEY: V0053203 |
2014-A-0100 | Multiple Vulnerabilities in McAfee VirusScan Enterprise for Linux Severity: Category I - VMSKEY: V0053201 |
2014-A-0103 | Multiple Vulnerabilities in Oracle E-Business Severity: Category I - VMSKEY: V0053195 |
2014-A-0105 | Multiple Vulnerabilities in Oracle Java Severity: Category I - VMSKEY: V0053191 |
2014-A-0109 | Multiple Vulnerabilities in VMware Fusion Severity: Category I - VMSKEY: V0053183 |
2014-A-0110 | Multiple Vulnerabilities in VMware Player Severity: Category I - VMSKEY: V0053181 |
Snort® IPS/IDS
Date | Description |
---|---|
2020-02-25 | OpenSSL anonymous ECDH denial of service attempt RuleID : 52626 - Type : SERVER-OTHER - Revision : 1 |
2020-02-25 | OpenSSL anonymous ECDH denial of service attempt RuleID : 52625 - Type : SERVER-OTHER - Revision : 1 |
2020-01-21 | OpenSSL SSL ChangeCipherSpec man-in-the-middle attempt RuleID : 52487 - Type : SERVER-OTHER - Revision : 1 |
2020-01-14 | MySQL/MariaDB Server geometry query envelope object integer overflow attempt RuleID : 52423 - Type : SERVER-MYSQL - Revision : 1 |
2019-12-10 | Libmspack cabd_sys_read_block off-by-one heap overflow attempt RuleID : 52133 - Type : FILE-OTHER - Revision : 2 |
2019-12-10 | Libmspack cabd_sys_read_block off-by-one heap overflow attempt RuleID : 52132 - Type : FILE-OTHER - Revision : 2 |
2019-12-03 | PostgreSQL SCRAM authentication stack buffer overflow attempt RuleID : 52039 - Type : SERVER-OTHER - Revision : 1 |
2019-12-03 | PostgreSQL SCRAM authentication stack buffer overflow attempt RuleID : 52038 - Type : SERVER-OTHER - Revision : 1 |
2019-10-25 | Red Hat NetworkManager DHCP client command injection attempt RuleID : 52022-community - Type : OS-LINUX - Revision : 1 |
2019-11-26 | Red Hat NetworkManager DHCP client command injection attempt RuleID : 52022 - Type : OS-LINUX - Revision : 1 |
2019-11-03 | HAProxy H2 Frame heap memory corruption attempt RuleID : 51725 - Type : SERVER-WEBAPP - Revision : 1 |
2019-09-26 | Google Android Kernel local denial of service attempt RuleID : 51291 - Type : OS-MOBILE - Revision : 1 |
2019-09-26 | Google Android Kernel local denial of service attempt RuleID : 51290 - Type : OS-MOBILE - Revision : 1 |
2019-09-10 | nfs-utils TCP connection termination denial-of-service attempt RuleID : 50913 - Type : SERVER-OTHER - Revision : 1 |
2019-08-31 | Postfix IPv6 Relaying Security Issue RuleID : 50859 - Type : SERVER-MAIL - Revision : 1 |
2019-03-19 | Multiple products runc arbitrary code execution attempt RuleID : 49195 - Type : SERVER-OTHER - Revision : 2 |
2018-05-30 | Red Hat NetworkManager DHCP client command injection attempt RuleID : 46847-community - Type : OS-LINUX - Revision : 1 |
2018-07-03 | Red Hat NetworkManager DHCP client command injection attempt RuleID : 46847 - Type : OS-LINUX - Revision : 1 |
2018-02-20 | Mozilla Firefox HTTP index format out of bounds read attempt RuleID : 45476 - Type : BROWSER-FIREFOX - Revision : 2 |
2018-01-17 | Mozilla Firefox buffer overflow attempt RuleID : 45172 - Type : BROWSER-FIREFOX - Revision : 1 |
2018-01-17 | Mozilla Firefox buffer overflow attempt RuleID : 45171 - Type : BROWSER-FIREFOX - Revision : 1 |
2017-12-19 | ISC BIND 9 DNS rdata length handling remote denial of service attempt RuleID : 44879 - Type : SERVER-OTHER - Revision : 1 |
2017-11-30 | MySQL/MariaDB Server geometry query integer overflow attempt RuleID : 44674 - Type : SERVER-MYSQL - Revision : 2 |
2017-10-24 | PHP form-based file upload DoS attempt RuleID : 44390 - Type : SERVER-WEBAPP - Revision : 2 |
2017-08-29 | Sun Solaris dhcpd malformed bootp denial of service attempt RuleID : 43752 - Type : SERVER-OTHER - Revision : 2 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2019-01-18 | Name: The remote Debian host is missing a security update. File: debian_DLA-1635.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2019-509c133845.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2019-f812c9fb22.nasl - Type: ACT_GATHER_INFO |
2019-01-16 | Name: The remote Fedora host is missing a security update. File: fedora_2019-f6ff819834.nasl - Type: ACT_GATHER_INFO |
2019-01-11 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZA-2018-089.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2019-1143.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_183R1.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_184R1.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-06090dff59.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-0b038c7047.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-0ddef94854.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-111044d435.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-1c1a318a0b.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-23ca7a6798.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-2735a12b72.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-28f30efaf6.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-2c965abb15.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-319b9d0f68.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-327707371e.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-381ab64b59.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2018-3857a8b41a.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-42eab0f5b9.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-4e660226e7.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-537c8312fc.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-56221eb24b.nasl - Type: ACT_GATHER_INFO |