This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Redhat First view 1996-07-16
Product Enterprise Linux Last view 2020-11-05
Version 3 Type
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* 440
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* 392
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* 137
cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:* 100
cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:* 81
cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:* 70
cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:* 69
cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:* 68
cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:* 58
cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:* 52
cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:* 52
cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:* 49
cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:* 47
cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:* 42
cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:* 35
cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:* 35
cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:* 35
cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:* 35
cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:* 33
cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:* 32
cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:* 32
cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:* 29
cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:* 22
cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:* 11
cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:* 10
cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:* 10
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:* 9
cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:* 8
cpe:2.3:o:redhat:enterprise_linux:4:*:*:*:*:*:*:* 7
cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:* 7
cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:* 7
cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:* 7
cpe:2.3:o:redhat:enterprise_linux:5:*:server:*:*:*:*:* 6
cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:* 6
cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop:*:*:*:*:* 5
cpe:2.3:o:redhat:enterprise_linux:4.0:*:linux_kernel_2.6.9:*:*:*:*:* 4
cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:* 4
cpe:2.3:o:redhat:enterprise_linux:3:*:*:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:3.0:*:ws:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:3.0:*:es:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:3.0:*:as:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop_workstation:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:2.1:*:*:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:5.0:*:client:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:ws_4:*:*:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:as_4:*:*:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:es_4:*:*:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:*:*:*:*:*:*:*:* 3

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
6.5 2020-11-05 CVE-2020-25662

A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality.

8.8 2020-11-05 CVE-2020-25661

A Red Hat only CVE-2020-12351 regression issue was found in the way the Linux kernel's Bluetooth implementation handled L2CAP packets with A2MP CID. This flaw allows a remote attacker in an adjacent range to crash the system, causing a denial of service or potentially executing arbitrary code on the system by sending a specially crafted L2CAP packet. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

7.5 2020-10-20 CVE-2020-25648

A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58.

6.6 2020-10-07 CVE-2020-14355

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messages that, when processed by the QUIC image compression algorithm, result in a process crash or potential code execution.

3.2 2020-10-06 CVE-2020-25743

hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.

7.2 2020-10-06 CVE-2020-25643

A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

5.5 2020-10-06 CVE-2020-25641

A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

6.7 2020-10-06 CVE-2020-25637

A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

6.5 2020-09-23 CVE-2020-14370

An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.

7.8 2020-09-16 CVE-2020-14382

A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments validation code in file 'lib/luks2/luks2_json_metadata.c' in function hdr_validate_segments(struct crypt_device *cd, json_object *hdr_jobj) where the code does not check for possible overflow on memory allocation used for intervals array (see statement "intervals = malloc(first_backup * sizeof(*intervals));"). Due to the bug, library can be *tricked* to expect such allocation was successful but for far less memory then originally expected. Later it may read data FROM image crafted by an attacker and actually write such data BEYOND allocated memory.

6.6 2020-09-15 CVE-2020-14331

A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system, potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

6 2020-09-15 CVE-2020-10759

A PGP signature bypass flaw was found in fwupd (all versions), which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because the Linux Vendor Firmware Service (LVFS) is either not implemented or enabled in versions of fwupd shipped with Red Hat Enterprise Linux 7 and 8. The highest threat from this vulnerability is to confidentiality and integrity.

7.3 2020-09-14 CVE-2020-0570

Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.

7.5 2020-09-09 CVE-2020-1749

A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data unencrypted. This would allow anyone in between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.

5.5 2020-09-03 CVE-2020-14373

A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service.

5 2020-08-31 CVE-2020-14364

An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.

7.8 2020-08-19 CVE-2020-14356

A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system.

6 2020-07-31 CVE-2020-14311

There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow.

6 2020-07-31 CVE-2020-14310

There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a malicious font file which has a name with UINT32_MAX, leading to read_section_as_string() to an arithmetic overflow, zero-sized allocation and further heap-based buffer overflow.

6.4 2020-07-29 CVE-2020-15707

Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions.

6.4 2020-07-29 CVE-2020-15706

GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions.

6.4 2020-07-29 CVE-2020-15705

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions.

4.2 2020-07-14 CVE-2020-15719

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.

5.5 2020-07-13 CVE-2019-19338

A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA flaw (TAA_NO=0), but is not affected by the MDS issue (MDS_NO=1), the guest was to clear the affected buffers by using a VERW instruction mechanism. But when the MDS_NO=1 bit was exported to the guests, the guests did not use the VERW mechanism to clear the affected buffers. This issue affects guests running on Cascade Lake CPUs and requires that host has 'TSX' enabled. Confidentiality of data is the highest threat associated with this vulnerability.

6.5 2020-07-09 CVE-2020-10756

An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible information disclosure. This flaw affects versions of libslirp before 4.3.1.

CWE : Common Weakness Enumeration

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
9% (60) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (54) CWE-20 Improper Input Validation
7% (48) CWE-200 Information Exposure
7% (46) CWE-416 Use After Free
6% (39) CWE-787 Out-of-bounds Write
5% (37) CWE-125 Out-of-bounds Read
5% (33) CWE-264 Permissions, Privileges, and Access Controls
3% (24) CWE-190 Integer Overflow or Wraparound
3% (23) CWE-399 Resource Management Errors
3% (21) CWE-362 Race Condition
3% (20) CWE-476 NULL Pointer Dereference
3% (19) CWE-189 Numeric Errors
2% (17) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
2% (15) CWE-59 Improper Link Resolution Before File Access ('Link Following')
2% (13) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
1% (10) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (9) CWE-401 Failure to Release Memory Before Removing Last Reference ('Memory L...
1% (8) CWE-295 Certificate Issues
1% (8) CWE-287 Improper Authentication
1% (7) CWE-732 Incorrect Permission Assignment for Critical Resource
1% (7) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
0% (6) CWE-269 Improper Privilege Management
0% (6) CWE-254 Security Features
0% (5) CWE-310 Cryptographic Issues
0% (5) CWE-94 Failure to Control Generation of Code ('Code Injection')

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-6 Argument Injection
CAPEC-15 Command Delimiters
CAPEC-79 Using Slashes in Alternate Encoding

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:10888 cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating sys...
oval:org.mitre.oval:def:1160 Safe.PM Unsafe Code Execution Vulnerability
oval:org.mitre.oval:def:10736 The Internet Group Management Protocol (IGMP) allows local users to cause a d...
oval:org.mitre.oval:def:664 Code Execution Vulnerability in XPDF PDF Viewer
oval:org.mitre.oval:def:113 X Display Manager Control Protocol Denial of Service
oval:org.mitre.oval:def:129 GDM X Display Manager Authorization Vulnerability
oval:org.mitre.oval:def:387 C-Media Sound Driver Userspace Access Vulnerability II
oval:org.mitre.oval:def:11337 The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local us...
oval:org.mitre.oval:def:9707 Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6....
oval:org.mitre.oval:def:9779 The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to...
oval:org.mitre.oval:def:975 Red Hat OpenSSL do_change_cipher_spec Function Denial of Service
oval:org.mitre.oval:def:870 Red Hat Enterprise 3 OpenSSL do_change_cipher_spec Function Denial of Service
oval:org.mitre.oval:def:5770 Multiple Vendor OpenSSL 0.9.6x, 0.9.7x Null-Pointer DoS Vulnerability
oval:org.mitre.oval:def:2621 OpenSSL Denial of Service Vulnerabilities
oval:org.mitre.oval:def:902 Red Hat OpenSSL Improper Unknown Message Handling Vulnerability
oval:org.mitre.oval:def:871 Red Hat Enterprise 3 OpenSSL Improper Unknown Message Handling Vulnerability
oval:org.mitre.oval:def:11755 OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, w...
oval:org.mitre.oval:def:846 Red Hat gdk-pixbuf Denial of Service
oval:org.mitre.oval:def:845 Red Hat Enterprise 3 gdk-pixbuf Denial of Service
oval:org.mitre.oval:def:10574 gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) ...
oval:org.mitre.oval:def:9580 The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when usin...
oval:org.mitre.oval:def:928 Red Hat Enterprise 3 OpenSSL Kerberos Handshake Vulnerability
oval:org.mitre.oval:def:1049 Red Hat OpenSSL Kerberos Handshake Vulnerability
oval:org.mitre.oval:def:971 libpng Malformed PNG Image Vulnerability
oval:org.mitre.oval:def:11710 The Portable Network Graphics library (libpng) 1.0.15 and earlier allows atta...

SAINT Exploits

Description Link
Linux kernel futex_requeue privilege elevation More info here
Linux Dirty COW Local File Overwrite More info here
Red Hat DHCP client NetworkManager integration script command injection More info here
libssh authentication bypass More info here

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
78302 Linux Kernel m_stop() Implementation Local DoS
77684 Linux Kernel OMAP4 Bridge Networking Interface Network Packet Parsing Remote DoS
77571 Linux Kernel be2net VLAN Packet Parsing Remote DoS
77558 virt-v2v Guest Conversion VNC Password Local Authentication Bypass
77485 Linux Kernel /mm/oom_kill.c Local Overflow
77294 Linux Kernel VLAN 0 Frame Priority Tag Parsing Remote DoS
76805 Linux Kernel net/core/net_namespace.c Network Namespace Cleanup Weakness Remo...
76058 Samba mtab Lock File Handling Local DoS
75716 Linux Kernel Sequence Number Generation Weakness Remote Packet Injection
75714 Linux Kernel AuerswaldPBX/System Telephone USB Driver Privilege Escalation
75580 Linux Kernel CIFS Share Mounting DIFS Referral BUG_ON() Remote DoS
75279 Qemu hw/scsi-disk.c scsi_disk_emulate_command() Function Command Parsing Loca...
75241 Linux Kernel SAHF Instruction Emulation Remote DoS
74910 Linux Kernel fs/cifs/cifssmb.c CIFSFindNext() Function Signedness Error CIFS ...
74678 Linux Kernel IPv6 Fragment Identification Prediction Weakness
74658 Linux Kernel trigger_scan / sched_scan SSID Length Handling Bypass
74657 Linux Kernel Packet Scheduler API Implementation tc_fill_qdisc() Function NUL...
74655 Linux Kernel napi_reuse_skb() Function Crafted VLAN Packet Handling Remote DoS
74646 ConsoleKit VNC Session is-local Property Handling Remote Privilege Escalation
74150 Drupal Comment Attachment Access Restriction Bypass
73748 udisks mount(8) Command Arbitrary Kernel Module Loading
73493 libpng pngerror.c png_format_buffer() Off-by-one PNG Image Handling Remote DoS
73045 Linux Kernel drivers/char/agp/generic.c agp_generic_remove_memory Function AG...
73043 Linux Kernel drivers/char/agp/generic.c Multiple Function Memory Page Call Lo...
73042 Linux Kernel drivers/char/agp/generic.c agp_generic_insert_memory Function AG...

ExploitDB Exploits

id Description
35370 Linux Kernel libfutex Local Root for RHEL/CentOS 7.0.1406
33894 Python CGIHTTPServer Encoded Path Traversal
33516 Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition...
27778 Samba nttrans Reply - Integer Overflow Vulnerability
24259 Ethereal 0.x Multiple Unspecified iSNS, SMB and SNMP Protocol Dissector Vulne...
22406 Konqueror 4.7.3 Memory Corruption
5167 X.Org xorg-x11-xfs <= 1.0.2-3.1 - Local Race Condition Exploit
4601 Ubuntu 6.06 DHCPd bug Remote Denial of Service Exploit
718 Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit
374 SoX Local Buffer Overflow Exploiter (Via Crafted WAV File)

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2014-10-16 Name : POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability
File : nvt/gb_poodel_sslv3_info_disc_vuln.nasl
2013-09-18 Name : Debian Security Advisory DSA 2439-1 (libpng - buffer overflow)
File : nvt/deb_2439_1.nasl
2013-09-18 Name : Debian Security Advisory DSA 2443-1 (linux-2.6 - privilege escalation/denial ...
File : nvt/deb_2443_1.nasl
2013-09-18 Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)
File : nvt/deb_2581_1.nasl
2012-12-28 Name : Wireshark Multiple Vulnerabilities-01 Dec 2012 (Mac OS X)
File : nvt/gb_wireshark_mult_vuln01_dec12_macosx.nasl
2012-12-27 Name : VMSA-2012-0018: VMware security updates for vCSA and ESXi
File : nvt/gb_VMSA-2012-0018.nasl
2012-12-24 Name : LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Mac OS X)
File : nvt/gb_libreoffice_graphic_object_bof_vuln_macosx.nasl
2012-12-24 Name : LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Windows)
File : nvt/gb_libreoffice_graphic_object_bof_vuln_win.nasl
2012-12-24 Name : OpenOffice Multiple Buffer Overflow Vulnerabilities - Dec12 (Windows)
File : nvt/gb_openoffice_mult_bof_vuln_dec12_win.nasl
2012-12-18 Name : Fedora Update for kernel FEDORA-2012-20240
File : nvt/gb_fedora_2012_20240_kernel_fc16.nasl
2012-12-18 Name : Ubuntu Update for glibc USN-1589-2
File : nvt/gb_ubuntu_USN_1589_2.nasl
2012-12-13 Name : SuSE Update for update openSUSE-SU-2012:0466-1 (update)
File : nvt/gb_suse_2012_0466_1.nasl
2012-11-29 Name : Fedora Update for kernel FEDORA-2012-18691
File : nvt/gb_fedora_2012_18691_kernel_fc16.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln02_nov12_win.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln03_nov12_win.nasl
2012-11-15 Name : CentOS Update for mysql CESA-2012:1462 centos6
File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl
2012-11-15 Name : RedHat Update for mysql RHSA-2012:1462-01
File : nvt/gb_RHSA-2012_1462-01_mysql.nasl
2012-11-09 Name : CentOS Update for kernel CESA-2012:1426 centos6
File : nvt/gb_CESA-2012_1426_kernel_centos6.nasl
2012-11-09 Name : RedHat Update for kernel RHSA-2012:1426-01
File : nvt/gb_RHSA-2012_1426-01_kernel.nasl
2012-11-06 Name : Fedora Update for kernel FEDORA-2012-17479
File : nvt/gb_fedora_2012_17479_kernel_fc16.nasl
2012-11-06 Name : Ubuntu Update for mysql-5.5 USN-1621-1
File : nvt/gb_ubuntu_USN_1621_1.nasl
2012-11-02 Name : CentOS Update for kdelibs CESA-2012:1416 centos6
File : nvt/gb_CESA-2012_1416_kdelibs_centos6.nasl
2012-11-02 Name : CentOS Update for kdelibs CESA-2012:1418 centos6
File : nvt/gb_CESA-2012_1418_kdelibs_centos6.nasl
2012-11-02 Name : RedHat Update for kdelibs RHSA-2012:1416-01
File : nvt/gb_RHSA-2012_1416-01_kdelibs.nasl
2012-11-02 Name : RedHat Update for kdelibs RHSA-2012:1418-01
File : nvt/gb_RHSA-2012_1418-01_kdelibs.nasl

Information Assurance Vulnerability Management (IAVM)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2015-A-0199 Multiple Vulnerabilities in Apple Mac OS X
Severity: Category I - VMSKEY: V0061337
2015-A-0155 Multiple Vulnerabilities in Oracle MySQL Product Suite
Severity: Category I - VMSKEY: V0061083
2015-A-0154 Multiple Vulnerabilities in Oracle Fusion Middleware
Severity: Category I - VMSKEY: V0061081
2015-B-0083 Multiple Vulnerabilities in IBM Storwize V7000 Unified
Severity: Category I - VMSKEY: V0060983
2015-A-0115 QEMU Virtual Floppy Drive Controller (FDC) Buffer Overflow Vulnerability
Severity: Category II - VMSKEY: V0060741
2015-A-0113 Multiple Vulnerabilities in Juniper Networks CTPOS
Severity: Category I - VMSKEY: V0060737
2015-A-0112 Oracle Linux & Virtualization Buffer Overflow Vulnerability
Severity: Category I - VMSKEY: V0060735
2015-A-0042 Samba Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0058919
2015-A-0038 Multiple Vulnerabilities in GNU C Library (glibc)
Severity: Category I - VMSKEY: V0058753
2015-B-0012 Multiple Vulnerabilities in VMware ESXi 5.0
Severity: Category I - VMSKEY: V0058517
2015-B-0013 Multiple Vulnerabilities in VMware ESXi 5.1
Severity: Category I - VMSKEY: V0058515
2015-B-0014 Multiple Vulnerabilities in VMware ESXi 5.5
Severity: Category I - VMSKEY: V0058513
2014-A-0172 Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform
Severity: Category I - VMSKEY: V0057381
2014-B-0105 Samba Remote Code Execution
Severity: Category I - VMSKEY: V0053637
2014-B-0103 Multiple Vulnerabilities in VMware Horizon View Client
Severity: Category I - VMSKEY: V0053509
2014-B-0102 Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.5
Severity: Category I - VMSKEY: V0053507
2014-B-0101 Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.1
Severity: Category I - VMSKEY: V0053505
2014-A-0115 Multiple Vulnerabilities in VMware Horizon View
Severity: Category I - VMSKEY: V0053501
2014-B-0097 Multiple Vulnerabilities in VMware ESXi 5.0
Severity: Category I - VMSKEY: V0053319
2014-A-0099 Multiple Vulnerabilities in McAfee Email Gateway
Severity: Category I - VMSKEY: V0053203
2014-A-0100 Multiple Vulnerabilities in McAfee VirusScan Enterprise for Linux
Severity: Category I - VMSKEY: V0053201
2014-A-0103 Multiple Vulnerabilities in Oracle E-Business
Severity: Category I - VMSKEY: V0053195
2014-A-0105 Multiple Vulnerabilities in Oracle Java
Severity: Category I - VMSKEY: V0053191
2014-A-0109 Multiple Vulnerabilities in VMware Fusion
Severity: Category I - VMSKEY: V0053183
2014-A-0110 Multiple Vulnerabilities in VMware Player
Severity: Category I - VMSKEY: V0053181

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2020-02-25 OpenSSL anonymous ECDH denial of service attempt
RuleID : 52626 - Type : SERVER-OTHER - Revision : 1
2020-02-25 OpenSSL anonymous ECDH denial of service attempt
RuleID : 52625 - Type : SERVER-OTHER - Revision : 1
2020-01-21 OpenSSL SSL ChangeCipherSpec man-in-the-middle attempt
RuleID : 52487 - Type : SERVER-OTHER - Revision : 1
2020-01-14 MySQL/MariaDB Server geometry query envelope object integer overflow attempt
RuleID : 52423 - Type : SERVER-MYSQL - Revision : 1
2019-12-10 Libmspack cabd_sys_read_block off-by-one heap overflow attempt
RuleID : 52133 - Type : FILE-OTHER - Revision : 2
2019-12-10 Libmspack cabd_sys_read_block off-by-one heap overflow attempt
RuleID : 52132 - Type : FILE-OTHER - Revision : 2
2019-12-03 PostgreSQL SCRAM authentication stack buffer overflow attempt
RuleID : 52039 - Type : SERVER-OTHER - Revision : 1
2019-12-03 PostgreSQL SCRAM authentication stack buffer overflow attempt
RuleID : 52038 - Type : SERVER-OTHER - Revision : 1
2019-10-25 Red Hat NetworkManager DHCP client command injection attempt
RuleID : 52022-community - Type : OS-LINUX - Revision : 1
2019-11-26 Red Hat NetworkManager DHCP client command injection attempt
RuleID : 52022 - Type : OS-LINUX - Revision : 1
2019-11-03 HAProxy H2 Frame heap memory corruption attempt
RuleID : 51725 - Type : SERVER-WEBAPP - Revision : 1
2019-09-26 Google Android Kernel local denial of service attempt
RuleID : 51291 - Type : OS-MOBILE - Revision : 1
2019-09-26 Google Android Kernel local denial of service attempt
RuleID : 51290 - Type : OS-MOBILE - Revision : 1
2019-09-10 nfs-utils TCP connection termination denial-of-service attempt
RuleID : 50913 - Type : SERVER-OTHER - Revision : 1
2019-08-31 Postfix IPv6 Relaying Security Issue
RuleID : 50859 - Type : SERVER-MAIL - Revision : 1
2019-03-19 Multiple products runc arbitrary code execution attempt
RuleID : 49195 - Type : SERVER-OTHER - Revision : 2
2018-05-30 Red Hat NetworkManager DHCP client command injection attempt
RuleID : 46847-community - Type : OS-LINUX - Revision : 1
2018-07-03 Red Hat NetworkManager DHCP client command injection attempt
RuleID : 46847 - Type : OS-LINUX - Revision : 1
2018-02-20 Mozilla Firefox HTTP index format out of bounds read attempt
RuleID : 45476 - Type : BROWSER-FIREFOX - Revision : 2
2018-01-17 Mozilla Firefox buffer overflow attempt
RuleID : 45172 - Type : BROWSER-FIREFOX - Revision : 1
2018-01-17 Mozilla Firefox buffer overflow attempt
RuleID : 45171 - Type : BROWSER-FIREFOX - Revision : 1
2017-12-19 ISC BIND 9 DNS rdata length handling remote denial of service attempt
RuleID : 44879 - Type : SERVER-OTHER - Revision : 1
2017-11-30 MySQL/MariaDB Server geometry query integer overflow attempt
RuleID : 44674 - Type : SERVER-MYSQL - Revision : 2
2017-10-24 PHP form-based file upload DoS attempt
RuleID : 44390 - Type : SERVER-WEBAPP - Revision : 2
2017-08-29 Sun Solaris dhcpd malformed bootp denial of service attempt
RuleID : 43752 - Type : SERVER-OTHER - Revision : 2

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-18 Name: The remote Debian host is missing a security update.
File: debian_DLA-1635.nasl - Type: ACT_GATHER_INFO
2019-01-17 Name: The remote Fedora host is missing one or more security updates.
File: fedora_2019-509c133845.nasl - Type: ACT_GATHER_INFO
2019-01-17 Name: The remote Fedora host is missing one or more security updates.
File: fedora_2019-f812c9fb22.nasl - Type: ACT_GATHER_INFO
2019-01-16 Name: The remote Fedora host is missing a security update.
File: fedora_2019-f6ff819834.nasl - Type: ACT_GATHER_INFO
2019-01-11 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZA-2018-089.nasl - Type: ACT_GATHER_INFO
2019-01-10 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2019-1143.nasl - Type: ACT_GATHER_INFO
2019-01-10 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa10917_183R1.nasl - Type: ACT_GATHER_INFO
2019-01-10 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa10917_184R1.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-06090dff59.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-0b038c7047.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-0ddef94854.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-111044d435.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-1c1a318a0b.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-23ca7a6798.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-2735a12b72.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-28f30efaf6.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-2c965abb15.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-319b9d0f68.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-327707371e.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-381ab64b59.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing one or more security updates.
File: fedora_2018-3857a8b41a.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-42eab0f5b9.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-4e660226e7.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-537c8312fc.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-56221eb24b.nasl - Type: ACT_GATHER_INFO