This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Redhat First view 1996-07-16
Product Enterprise Linux Last view 2020-09-16
Version 6 Type
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* 434
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* 395
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* 125
cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:* 99
cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:* 81
cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:* 73
cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:* 69
cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:* 68
cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:* 58
cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:* 52
cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:* 52
cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:* 49
cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:* 47
cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:* 42
cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:* 35
cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:* 35
cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:* 35
cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:* 35
cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:* 33
cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:* 32
cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:* 32
cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:* 29
cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:* 22
cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:* 11
cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:* 10
cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:* 10
cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:* 8
cpe:2.3:o:redhat:enterprise_linux:4:*:*:*:*:*:*:* 7
cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:* 7
cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:* 7
cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:* 7
cpe:2.3:o:redhat:enterprise_linux:5:*:server:*:*:*:*:* 6
cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:* 6
cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop:*:*:*:*:* 5
cpe:2.3:o:redhat:enterprise_linux:4.0:*:linux_kernel_2.6.9:*:*:*:*:* 4
cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:* 4
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:* 4
cpe:2.3:o:redhat:enterprise_linux:3:*:*:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:3.0:*:ws:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:3.0:*:es:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:3.0:*:as:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop_workstation:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:2.1:*:*:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:5.0:*:client:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:ws_4:*:*:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:as_4:*:*:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:es_4:*:*:*:*:*:*:* 3
cpe:2.3:o:redhat:enterprise_linux:*:*:*:*:*:*:*:* 3

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.8 2020-09-16 CVE-2020-14382

A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments validation code in file 'lib/luks2/luks2_json_metadata.c' in function hdr_validate_segments(struct crypt_device *cd, json_object *hdr_jobj) where the code does not check for possible overflow on memory allocation used for intervals array (see statement "intervals = malloc(first_backup * sizeof(*intervals));"). Due to the bug, library can be *tricked* to expect such allocation was successful but for far less memory then originally expected. Later it may read data FROM image crafted by an attacker and actually write such data BEYOND allocated memory.

6.6 2020-09-15 CVE-2020-14331

A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system, potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

6 2020-09-15 CVE-2020-10759

A PGP signature bypass flaw was found in fwupd (all versions), which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because the Linux Vendor Firmware Service (LVFS) is either not implemented or enabled in versions of fwupd shipped with Red Hat Enterprise Linux 7 and 8. The highest threat from this vulnerability is to confidentiality and integrity.

7.3 2020-09-14 CVE-2020-0570

Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.

7.5 2020-09-09 CVE-2020-1749

A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data unencrypted. This would allow anyone in between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.

6.5 2020-09-04 CVE-2020-24977

GNOME project libxml2 v2.9.10 and earlier have a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 8e7c20a1 (20910-GITv2.9.10-103-g8e7c20a1).

5.5 2020-09-03 CVE-2020-14373

A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service.

5 2020-08-31 CVE-2020-14364

An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.

8 2020-08-30 CVE-2020-14352

A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the destination directory on the targeted system via path traversal. This flaw could potentially result in system compromise via the overwriting of critical system files. The highest threat from this flaw is to users that make use of untrusted third-party repositories.

7.8 2020-08-19 CVE-2020-14356

A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system.

6 2020-07-31 CVE-2020-14311

There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow.

6 2020-07-31 CVE-2020-14310

There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a malicious font file which has a name with UINT32_MAX, leading to read_section_as_string() to an arithmetic overflow, zero-sized allocation and further heap-based buffer overflow.

6.4 2020-07-29 CVE-2020-15707

Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions.

6.4 2020-07-29 CVE-2020-15706

GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions.

6.4 2020-07-29 CVE-2020-15705

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions.

4.2 2020-07-14 CVE-2020-15719

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.

5.5 2020-07-13 CVE-2019-19338

A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA flaw (TAA_NO=0), but is not affected by the MDS issue (MDS_NO=1), the guest was to clear the affected buffers by using a VERW instruction mechanism. But when the MDS_NO=1 bit was exported to the guests, the guests did not use the VERW mechanism to clear the affected buffers. This issue affects guests running on Cascade Lake CPUs and requires that host has 'TSX' enabled. Confidentiality of data is the highest threat associated with this vulnerability.

6.5 2020-07-09 CVE-2020-10756

An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible information disclosure. This flaw affects versions of libslirp before 4.3.1.

5.5 2020-06-26 CVE-2020-10769

A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash. This flaw allows a local attacker with user privileges to cause a denial of service.

4.4 2020-06-12 CVE-2020-10732

A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.

5 2020-06-09 CVE-2020-10761

An assertion failure issue was found in the Network Block Device(NBD) Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the qemu-nbd server resulting in a denial of service.

7.8 2020-06-09 CVE-2020-10757

A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.

6 2020-06-03 CVE-2020-10749

A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.

5.9 2020-05-22 CVE-2020-10711

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service.

5.3 2020-05-12 CVE-2020-12826

A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. A child process can send an arbitrary signal to a parent process in a different security domain. Exploitation limitations include the amount of elapsed time before an integer overflow occurs, and the lack of scenarios where signals to a parent process present a substantial operational threat.

CWE : Common Weakness Enumeration

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
10% (64) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (54) CWE-20 Improper Input Validation
7% (47) CWE-416 Use After Free
7% (47) CWE-200 Information Exposure
6% (39) CWE-125 Out-of-bounds Read
5% (35) CWE-264 Permissions, Privileges, and Access Controls
5% (33) CWE-787 Out-of-bounds Write
3% (24) CWE-399 Resource Management Errors
3% (21) CWE-190 Integer Overflow or Wraparound
3% (20) CWE-189 Numeric Errors
3% (19) CWE-476 NULL Pointer Dereference
3% (19) CWE-362 Race Condition
2% (15) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
2% (14) CWE-59 Improper Link Resolution Before File Access ('Link Following')
2% (14) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
1% (10) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (9) CWE-401 Failure to Release Memory Before Removing Last Reference ('Memory L...
1% (8) CWE-295 Certificate Issues
1% (8) CWE-287 Improper Authentication
0% (6) CWE-732 Incorrect Permission Assignment for Critical Resource
0% (6) CWE-284 Access Control (Authorization) Issues
0% (6) CWE-254 Security Features
0% (6) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
0% (5) CWE-310 Cryptographic Issues
0% (5) CWE-269 Improper Privilege Management

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-6 Argument Injection
CAPEC-15 Command Delimiters
CAPEC-79 Using Slashes in Alternate Encoding

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:10888 cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating sys...
oval:org.mitre.oval:def:1160 Safe.PM Unsafe Code Execution Vulnerability
oval:org.mitre.oval:def:10736 The Internet Group Management Protocol (IGMP) allows local users to cause a d...
oval:org.mitre.oval:def:664 Code Execution Vulnerability in XPDF PDF Viewer
oval:org.mitre.oval:def:113 X Display Manager Control Protocol Denial of Service
oval:org.mitre.oval:def:129 GDM X Display Manager Authorization Vulnerability
oval:org.mitre.oval:def:387 C-Media Sound Driver Userspace Access Vulnerability II
oval:org.mitre.oval:def:11337 The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local us...
oval:org.mitre.oval:def:9707 Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6....
oval:org.mitre.oval:def:9779 The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to...
oval:org.mitre.oval:def:975 Red Hat OpenSSL do_change_cipher_spec Function Denial of Service
oval:org.mitre.oval:def:870 Red Hat Enterprise 3 OpenSSL do_change_cipher_spec Function Denial of Service
oval:org.mitre.oval:def:5770 Multiple Vendor OpenSSL 0.9.6x, 0.9.7x Null-Pointer DoS Vulnerability
oval:org.mitre.oval:def:2621 OpenSSL Denial of Service Vulnerabilities
oval:org.mitre.oval:def:902 Red Hat OpenSSL Improper Unknown Message Handling Vulnerability
oval:org.mitre.oval:def:871 Red Hat Enterprise 3 OpenSSL Improper Unknown Message Handling Vulnerability
oval:org.mitre.oval:def:11755 OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, w...
oval:org.mitre.oval:def:846 Red Hat gdk-pixbuf Denial of Service
oval:org.mitre.oval:def:845 Red Hat Enterprise 3 gdk-pixbuf Denial of Service
oval:org.mitre.oval:def:10574 gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) ...
oval:org.mitre.oval:def:9580 The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when usin...
oval:org.mitre.oval:def:928 Red Hat Enterprise 3 OpenSSL Kerberos Handshake Vulnerability
oval:org.mitre.oval:def:1049 Red Hat OpenSSL Kerberos Handshake Vulnerability
oval:org.mitre.oval:def:971 libpng Malformed PNG Image Vulnerability
oval:org.mitre.oval:def:11710 The Portable Network Graphics library (libpng) 1.0.15 and earlier allows atta...

SAINT Exploits

Description Link
Linux kernel futex_requeue privilege elevation More info here
Linux Dirty COW Local File Overwrite More info here
Red Hat DHCP client NetworkManager integration script command injection More info here
libssh authentication bypass More info here

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
78302 Linux Kernel m_stop() Implementation Local DoS
77684 Linux Kernel OMAP4 Bridge Networking Interface Network Packet Parsing Remote DoS
77571 Linux Kernel be2net VLAN Packet Parsing Remote DoS
77558 virt-v2v Guest Conversion VNC Password Local Authentication Bypass
77485 Linux Kernel /mm/oom_kill.c Local Overflow
77294 Linux Kernel VLAN 0 Frame Priority Tag Parsing Remote DoS
76805 Linux Kernel net/core/net_namespace.c Network Namespace Cleanup Weakness Remo...
76058 Samba mtab Lock File Handling Local DoS
75716 Linux Kernel Sequence Number Generation Weakness Remote Packet Injection
75714 Linux Kernel AuerswaldPBX/System Telephone USB Driver Privilege Escalation
75580 Linux Kernel CIFS Share Mounting DIFS Referral BUG_ON() Remote DoS
75279 Qemu hw/scsi-disk.c scsi_disk_emulate_command() Function Command Parsing Loca...
75241 Linux Kernel SAHF Instruction Emulation Remote DoS
74910 Linux Kernel fs/cifs/cifssmb.c CIFSFindNext() Function Signedness Error CIFS ...
74678 Linux Kernel IPv6 Fragment Identification Prediction Weakness
74658 Linux Kernel trigger_scan / sched_scan SSID Length Handling Bypass
74657 Linux Kernel Packet Scheduler API Implementation tc_fill_qdisc() Function NUL...
74655 Linux Kernel napi_reuse_skb() Function Crafted VLAN Packet Handling Remote DoS
74646 ConsoleKit VNC Session is-local Property Handling Remote Privilege Escalation
74150 Drupal Comment Attachment Access Restriction Bypass
73748 udisks mount(8) Command Arbitrary Kernel Module Loading
73493 libpng pngerror.c png_format_buffer() Off-by-one PNG Image Handling Remote DoS
73045 Linux Kernel drivers/char/agp/generic.c agp_generic_remove_memory Function AG...
73043 Linux Kernel drivers/char/agp/generic.c Multiple Function Memory Page Call Lo...
73042 Linux Kernel drivers/char/agp/generic.c agp_generic_insert_memory Function AG...

ExploitDB Exploits

id Description
35370 Linux Kernel libfutex Local Root for RHEL/CentOS 7.0.1406
33894 Python CGIHTTPServer Encoded Path Traversal
33516 Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition...
27778 Samba nttrans Reply - Integer Overflow Vulnerability
24259 Ethereal 0.x Multiple Unspecified iSNS, SMB and SNMP Protocol Dissector Vulne...
22406 Konqueror 4.7.3 Memory Corruption
5167 X.Org xorg-x11-xfs <= 1.0.2-3.1 - Local Race Condition Exploit
4601 Ubuntu 6.06 DHCPd bug Remote Denial of Service Exploit
718 Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit
374 SoX Local Buffer Overflow Exploiter (Via Crafted WAV File)

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2014-10-16 Name : POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability
File : nvt/gb_poodel_sslv3_info_disc_vuln.nasl
2013-09-18 Name : Debian Security Advisory DSA 2439-1 (libpng - buffer overflow)
File : nvt/deb_2439_1.nasl
2013-09-18 Name : Debian Security Advisory DSA 2443-1 (linux-2.6 - privilege escalation/denial ...
File : nvt/deb_2443_1.nasl
2013-09-18 Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)
File : nvt/deb_2581_1.nasl
2012-12-28 Name : Wireshark Multiple Vulnerabilities-01 Dec 2012 (Mac OS X)
File : nvt/gb_wireshark_mult_vuln01_dec12_macosx.nasl
2012-12-27 Name : VMSA-2012-0018: VMware security updates for vCSA and ESXi
File : nvt/gb_VMSA-2012-0018.nasl
2012-12-24 Name : LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Mac OS X)
File : nvt/gb_libreoffice_graphic_object_bof_vuln_macosx.nasl
2012-12-24 Name : LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Windows)
File : nvt/gb_libreoffice_graphic_object_bof_vuln_win.nasl
2012-12-24 Name : OpenOffice Multiple Buffer Overflow Vulnerabilities - Dec12 (Windows)
File : nvt/gb_openoffice_mult_bof_vuln_dec12_win.nasl
2012-12-18 Name : Fedora Update for kernel FEDORA-2012-20240
File : nvt/gb_fedora_2012_20240_kernel_fc16.nasl
2012-12-18 Name : Ubuntu Update for glibc USN-1589-2
File : nvt/gb_ubuntu_USN_1589_2.nasl
2012-12-13 Name : SuSE Update for update openSUSE-SU-2012:0466-1 (update)
File : nvt/gb_suse_2012_0466_1.nasl
2012-11-29 Name : Fedora Update for kernel FEDORA-2012-18691
File : nvt/gb_fedora_2012_18691_kernel_fc16.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln02_nov12_win.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln03_nov12_win.nasl
2012-11-15 Name : CentOS Update for mysql CESA-2012:1462 centos6
File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl
2012-11-15 Name : RedHat Update for mysql RHSA-2012:1462-01
File : nvt/gb_RHSA-2012_1462-01_mysql.nasl
2012-11-09 Name : CentOS Update for kernel CESA-2012:1426 centos6
File : nvt/gb_CESA-2012_1426_kernel_centos6.nasl
2012-11-09 Name : RedHat Update for kernel RHSA-2012:1426-01
File : nvt/gb_RHSA-2012_1426-01_kernel.nasl
2012-11-06 Name : Fedora Update for kernel FEDORA-2012-17479
File : nvt/gb_fedora_2012_17479_kernel_fc16.nasl
2012-11-06 Name : Ubuntu Update for mysql-5.5 USN-1621-1
File : nvt/gb_ubuntu_USN_1621_1.nasl
2012-11-02 Name : CentOS Update for kdelibs CESA-2012:1416 centos6
File : nvt/gb_CESA-2012_1416_kdelibs_centos6.nasl
2012-11-02 Name : CentOS Update for kdelibs CESA-2012:1418 centos6
File : nvt/gb_CESA-2012_1418_kdelibs_centos6.nasl
2012-11-02 Name : RedHat Update for kdelibs RHSA-2012:1416-01
File : nvt/gb_RHSA-2012_1416-01_kdelibs.nasl
2012-11-02 Name : RedHat Update for kdelibs RHSA-2012:1418-01
File : nvt/gb_RHSA-2012_1418-01_kdelibs.nasl

Information Assurance Vulnerability Management (IAVM)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2015-A-0199 Multiple Vulnerabilities in Apple Mac OS X
Severity: Category I - VMSKEY: V0061337
2015-A-0155 Multiple Vulnerabilities in Oracle MySQL Product Suite
Severity: Category I - VMSKEY: V0061083
2015-A-0154 Multiple Vulnerabilities in Oracle Fusion Middleware
Severity: Category I - VMSKEY: V0061081
2015-B-0083 Multiple Vulnerabilities in IBM Storwize V7000 Unified
Severity: Category I - VMSKEY: V0060983
2015-A-0115 QEMU Virtual Floppy Drive Controller (FDC) Buffer Overflow Vulnerability
Severity: Category II - VMSKEY: V0060741
2015-A-0113 Multiple Vulnerabilities in Juniper Networks CTPOS
Severity: Category I - VMSKEY: V0060737
2015-A-0112 Oracle Linux & Virtualization Buffer Overflow Vulnerability
Severity: Category I - VMSKEY: V0060735
2015-A-0042 Samba Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0058919
2015-A-0038 Multiple Vulnerabilities in GNU C Library (glibc)
Severity: Category I - VMSKEY: V0058753
2015-B-0012 Multiple Vulnerabilities in VMware ESXi 5.0
Severity: Category I - VMSKEY: V0058517
2015-B-0013 Multiple Vulnerabilities in VMware ESXi 5.1
Severity: Category I - VMSKEY: V0058515
2015-B-0014 Multiple Vulnerabilities in VMware ESXi 5.5
Severity: Category I - VMSKEY: V0058513
2014-A-0172 Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform
Severity: Category I - VMSKEY: V0057381
2014-B-0105 Samba Remote Code Execution
Severity: Category I - VMSKEY: V0053637
2014-B-0103 Multiple Vulnerabilities in VMware Horizon View Client
Severity: Category I - VMSKEY: V0053509
2014-B-0102 Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.5
Severity: Category I - VMSKEY: V0053507
2014-B-0101 Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.1
Severity: Category I - VMSKEY: V0053505
2014-A-0115 Multiple Vulnerabilities in VMware Horizon View
Severity: Category I - VMSKEY: V0053501
2014-B-0097 Multiple Vulnerabilities in VMware ESXi 5.0
Severity: Category I - VMSKEY: V0053319
2014-A-0099 Multiple Vulnerabilities in McAfee Email Gateway
Severity: Category I - VMSKEY: V0053203
2014-A-0100 Multiple Vulnerabilities in McAfee VirusScan Enterprise for Linux
Severity: Category I - VMSKEY: V0053201
2014-A-0103 Multiple Vulnerabilities in Oracle E-Business
Severity: Category I - VMSKEY: V0053195
2014-A-0105 Multiple Vulnerabilities in Oracle Java
Severity: Category I - VMSKEY: V0053191
2014-A-0109 Multiple Vulnerabilities in VMware Fusion
Severity: Category I - VMSKEY: V0053183
2014-A-0110 Multiple Vulnerabilities in VMware Player
Severity: Category I - VMSKEY: V0053181

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2020-02-25 OpenSSL anonymous ECDH denial of service attempt
RuleID : 52626 - Type : SERVER-OTHER - Revision : 1
2020-02-25 OpenSSL anonymous ECDH denial of service attempt
RuleID : 52625 - Type : SERVER-OTHER - Revision : 1
2020-01-21 OpenSSL SSL ChangeCipherSpec man-in-the-middle attempt
RuleID : 52487 - Type : SERVER-OTHER - Revision : 1
2020-01-14 MySQL/MariaDB Server geometry query envelope object integer overflow attempt
RuleID : 52423 - Type : SERVER-MYSQL - Revision : 1
2019-12-10 Libmspack cabd_sys_read_block off-by-one heap overflow attempt
RuleID : 52133 - Type : FILE-OTHER - Revision : 2
2019-12-10 Libmspack cabd_sys_read_block off-by-one heap overflow attempt
RuleID : 52132 - Type : FILE-OTHER - Revision : 2
2019-12-03 PostgreSQL SCRAM authentication stack buffer overflow attempt
RuleID : 52039 - Type : SERVER-OTHER - Revision : 1
2019-12-03 PostgreSQL SCRAM authentication stack buffer overflow attempt
RuleID : 52038 - Type : SERVER-OTHER - Revision : 1
2019-10-25 Red Hat NetworkManager DHCP client command injection attempt
RuleID : 52022-community - Type : OS-LINUX - Revision : 1
2019-11-26 Red Hat NetworkManager DHCP client command injection attempt
RuleID : 52022 - Type : OS-LINUX - Revision : 1
2019-11-03 HAProxy H2 Frame heap memory corruption attempt
RuleID : 51725 - Type : SERVER-WEBAPP - Revision : 1
2019-09-26 Google Android Kernel local denial of service attempt
RuleID : 51291 - Type : OS-MOBILE - Revision : 1
2019-09-26 Google Android Kernel local denial of service attempt
RuleID : 51290 - Type : OS-MOBILE - Revision : 1
2019-09-10 nfs-utils TCP connection termination denial-of-service attempt
RuleID : 50913 - Type : SERVER-OTHER - Revision : 1
2019-08-31 Postfix IPv6 Relaying Security Issue
RuleID : 50859 - Type : SERVER-MAIL - Revision : 1
2019-03-19 Multiple products runc arbitrary code execution attempt
RuleID : 49195 - Type : SERVER-OTHER - Revision : 2
2018-05-30 Red Hat NetworkManager DHCP client command injection attempt
RuleID : 46847-community - Type : OS-LINUX - Revision : 1
2018-07-03 Red Hat NetworkManager DHCP client command injection attempt
RuleID : 46847 - Type : OS-LINUX - Revision : 1
2018-02-20 Mozilla Firefox HTTP index format out of bounds read attempt
RuleID : 45476 - Type : BROWSER-FIREFOX - Revision : 2
2018-01-17 Mozilla Firefox buffer overflow attempt
RuleID : 45172 - Type : BROWSER-FIREFOX - Revision : 1
2018-01-17 Mozilla Firefox buffer overflow attempt
RuleID : 45171 - Type : BROWSER-FIREFOX - Revision : 1
2017-12-19 ISC BIND 9 DNS rdata length handling remote denial of service attempt
RuleID : 44879 - Type : SERVER-OTHER - Revision : 1
2017-11-30 MySQL/MariaDB Server geometry query integer overflow attempt
RuleID : 44674 - Type : SERVER-MYSQL - Revision : 2
2017-10-24 PHP form-based file upload DoS attempt
RuleID : 44390 - Type : SERVER-WEBAPP - Revision : 2
2017-08-29 Sun Solaris dhcpd malformed bootp denial of service attempt
RuleID : 43752 - Type : SERVER-OTHER - Revision : 2

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-18 Name: The remote Debian host is missing a security update.
File: debian_DLA-1635.nasl - Type: ACT_GATHER_INFO
2019-01-17 Name: The remote Fedora host is missing one or more security updates.
File: fedora_2019-509c133845.nasl - Type: ACT_GATHER_INFO
2019-01-17 Name: The remote Fedora host is missing one or more security updates.
File: fedora_2019-f812c9fb22.nasl - Type: ACT_GATHER_INFO
2019-01-16 Name: The remote Fedora host is missing a security update.
File: fedora_2019-f6ff819834.nasl - Type: ACT_GATHER_INFO
2019-01-11 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZA-2018-089.nasl - Type: ACT_GATHER_INFO
2019-01-10 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2019-1143.nasl - Type: ACT_GATHER_INFO
2019-01-10 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa10917_183R1.nasl - Type: ACT_GATHER_INFO
2019-01-10 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa10917_184R1.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-06090dff59.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-0b038c7047.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-0ddef94854.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-111044d435.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-1c1a318a0b.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-23ca7a6798.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-2735a12b72.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-28f30efaf6.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-2c965abb15.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-319b9d0f68.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-327707371e.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-381ab64b59.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing one or more security updates.
File: fedora_2018-3857a8b41a.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-42eab0f5b9.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-4e660226e7.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-537c8312fc.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-56221eb24b.nasl - Type: ACT_GATHER_INFO