38133 matches found
Information Disclosure
Python is vulnerable to information disclosure. This is because Python's urllib.parse.urlsplit and urllib.parse.urlparse functions do not properly handle URLs encoded with Punycode/Internationalizing Domain Names in Applications (IDNA), which may result in a wrong domain name...
Denial Of Service (DoS)
Apache httpd is vulnerable to NULL pointer dereference vulnerability. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request...
Information Disclosure
admin-cli in Red Hat JBoss Enterprise Application Platform is vulnerable to information disclosure. This vulnerability exists due to an EAP feature for downloading server log files that makes logs available via GET requests, enabling cross-origin attacks. An attacker could trigger the user's browse...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...
Directory Traversal
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...
Privilege Escalation
The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic acce...
Buffer Overflow
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php54 packages provide a recent stable release of PHP with the PEAR 1.9.4, APC 3.1.15, and memcache 3.0.8 PECL extensions, and a number of additional utilities. The php54 packages have been upgraded to...
Arbitrary File Write
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...
Privilege Escalation
openssh is vulnerable to privilege escalation. Due to a use-after-free flaw, an attacker able to fully compromise a non-privileged pre-authentication process using a different flaw could possibly cause sshd to crash or execute arbitrary code with root privileges...
Use-After-Free
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Multiple flaws were discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize function could cause a PHP application to crash or, possibly, execute arbitrar...
Information Disclosure
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...
Privilege Escalation
The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in a certain error path of the join_session_keyring function. A local, unprivileged us...
Denial Of Service (DoS)
kernel is vulnerable to denial of service (DoS). The vulnerability exists through the reference counter in the ipc_rcu_putref function...
Denial Of Service (DoS)
kernel-rt is vulnerable to denial of service (DoS). The vulnerability exists as the parse_rock_ridge_inode_internal function incorrectly handles iso9660 images with a self-referential CL entry...
Sandbox Restrictions Bypass
IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...
Denial Of Service (DoS)
The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A denial of service flaw was found in the way the Linux kernel's IPv6 implementation processed IPv6 router advertisement (RA) packets. An attacker able to send a large number of RA packets to a target system...
Open Redirect
Red Hat OpenShift Enterprise is a cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments. Refer to the Red Hat OpenShift Enterprise 1.1 Release Notes for information about the changes in this release. The Release Notes will be available shortly fr...
Denial Of Service (DoS)
The openstack-nova packages provide OpenStack Compute (Nova), which provides services for provisioning, managing, and using virtual machine instances. It was found that the fixes for CVE-2013-1664 and CVE-2013-1665, released via RHSA-2013:0657, did not fully correct the issues in the Extensible...
Arbitrary Code Execution
IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...
Memory Corruption
IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...
Privilege Escalation
IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...
Directory Traversal
github.com/kubernetes/kubernetes is vulnerable to directory traversal. A remote attacker is able to modify or delete files on a user's workstation via the kubectl cp command due to the mishandling of symlinks in the untarAll function...
Directory Traversal
wordpress is vulnerable to directory traversal. A privileged user with permissions to crop an image is able to abuse the vulnerability to write an image to an arbitrary location on the file system using the ../ characters in the file name...
Denial Of Service (DoS)
python is vulnerable to denial of service. An attacker is able to cause a denial of service condition via regex catastrophic backtracking in the apop function in pop3lib...
Denial Of Service (DoS) Through Out-of-Bounds Write
libvorbis.so is vulnerable to out-of-bounds write. A malicious user can pass an audio file that, when processed, causes an out-of-bounds write that can lead to arbitrary code execution or to the application crashing...
Remote Code Execution Through Deserialization Attack
Apache ActiveMQ Artemis is vulnerable to deserialization attacks. The JMS specification outlines a getObject method on the javax.jms.ObjectMessage class. The Apache Artemis implementation of this method allows the deserialization of objects from untrusted sources. There are several places where...
Remote Code Execution (RCE)
samba is vulnerable to remote code execution. A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could upload a shared library to cause the server to load it and execute arbitrary code as root...
Denial Of Service (DoS)
php is vulnerable to denial of service. Multiple flaws were found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened...
Arbitrary Code Execution
Apache commons-collections is vulnerable to arbitrary code execution. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code wi...
Arbitrary Code Execution
php55 is vulnerable to arbitrary code execution attacks. A use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary...
XML External Entity (XXE)
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain Tomcat internals information by leveraging the presence of an untrusted web application with a context.xml, web.xml, .jspx, .tagx, or .tld XML document containing an external entity declaration in...
Denial Of Service (DoS)
MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions...
Arbitrary Code Execution, SQL Injection Attacks And Authentication Bypass
lib/activesupport/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct SQL injection attacks, or bypass authentication v...
Remote Code Execution (RCE)
catalina is vulnerable to a remote code execution (RCE) attack. The library allows the replacement of the XML parser used for other web applications, allowing a malicious user to gain access to the applications' web.xml, context.xml or tld files...
Remote Code Execution (RCE)
Microsoft ChakraCore is vulnerable to remote code execution. This is due to a type confusion in boundfunction handling which could lead to memory corruption and allow an attacker in memory to execute arbitrary code in the context of the authenticated user. This CVE ID is different from...
Insecure Defaults
Apache Derby is vulnerable to insecure defaults. An attacker can send network packets to a Derby Network Server to maliciously boot a database under their control. The attack is only possible when the Java Security Manager policy file permits the reading of database locations, which is th...
Carry Propagation
OpenSSL is vulnerable to a carry propagation issue with the x86_64 Montgomery squaring procedure. This attack can be carried out against unpatched systems using a target private key with persistent DH parameters and a private key which is shared with multiple clients. This could in some...
Remote Code Execution (RCE)
The nokogiri gem is susceptible to remote code execution (RCE) attacks. The attacks exist because the library uses the C package libxml2, which is vulnerable to CVE-2017-0663, allowing a malicious user to pass an XML file to execute arbitrary code or crash the application...
Buffer Overread
OpenSSL is vulnerable to buffer overreads. Attackers can cause a one-byte buffer overread by using an X.509 certificate with a malformed IPAddressFamily extension; as a result, the certificate would incorrectly be displayed in clear text...
Cache Poisoning
tomcat-catalina is vulnerable to cache poisoning. The library does not add HTTP VARY: Origin headers to its responses, causing inaccurate caching when re-used across origins...
Heap-based Buffer Overflow Through Embedded C Dependency
The nokogiri gem contains a libxml2 package which is vulnerable to heap-based buffer overflow. The vulnerability is due to CVE-2016-1839 which is caused when a malicious XML file is passed to xmllint in xmlDictAddString...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service (DoS) attacks and possibly other attacks. A malicious user can pass a reused session ticket to the system that can cause a double free that can lead to the system crashing...
Timing Attacks
OpenSSL is vulnerable to timing attacks. The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2 do not check MAC addresses in constant time during the processing of malformed CBC padding. This is also known as the "Lucky Thirteen" issue...
Information Disclosure
OpenSSL is vulnerable to information disclosure. The library contains a carry propagation bug that can allow a malicious user to gain information on the curve used for encryption during key negotiation using the Elliptic Curve Diffie-Hellman (EC-DH) Cipher...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service (DoS) attacks. These attacks are possible due to multiple buffer overflows in crypto/srp/srp_lib.c. The buffer overflows can be triggered by an invalid SRP g, A or B parameter...
Access Restriction Bypass
OpenSSL is vulnerable to access restriction bypass. This is possible because OpenSSL does not enforce the no-ssl3 build option, which then allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c...
ECDHE-to-ECDH Downgrade Attacks
OpenSSL is vulnerable to ECDHE-to-ECDH downgrade attacks. This is due to a flaw in ssl3_get_key_exchange which allows attackers to trigger a loss of forward secrecy by omitting the ServerKeyExchange message...