Veracode (most viewed)

38133 matches found

Veracode • added 2019/05/21 2:21 a.m. • 39 views

Remote Code Execution (RCE) Through Deserialization

jackson-databind is vulnerable to remote code execution (RCE) attacks. This is due to a polymorphic typing issue when Default Typing is enabled. An attacker can craft a malicious JSON to invoke com.mysql.cj.jdbc.admin.MiniAdmin class, allowing the attacker to host a MySQL server or read arbitrary...

CVSS 7.5 • AI score 8.7 • EPSS 0.15179
Exploits 2 • References 56 • Affected Software 302

Veracode • added 2019/05/16 3:26 a.m. • 39 views

Arbitrary Code Execution

The Redis command line tool 'redis-cli' is vulnerable to arbitrary code execution through the -h (host) command line parameter, which allows an attacker to achieve code execution and escalate to higher privileges...

CVSS 8.4 • AI score 9.3 • EPSS 0.4183
Exploits 5 • References 9 • Affected Software 2

Veracode • added 2019/05/16 2:59 a.m. • 39 views

Denial Of Service (DoS)

PHP is vulnerable to denial of service (DoS) attacks. This occurs in the phar_parse_pharfile function in ext/phar/phar.c, which allows remote attackers to cause memory consumption or an application crash via a truncated manifest entry in a PHAR archive...

CVSS 7.5 • AI score 8.1 • EPSS 0.14189
Exploits 0 • References 13 • Affected Software 1

Veracode • added 2019/05/02 6:45 a.m. • 39 views

Denial Of Service (DoS)

Apache HTTP Server is vulnerable to denial of service (DoS) attacks. A remote user could send a specially crafted HTTP/2 request to trigger a null pointer dereference in the mod_http2 component and cause the server process to crash...

CVSS 7.5 • AI score 8.8 • EPSS 0.38383
Exploits 0 • References 40 • Affected Software 2

Veracode • added 2019/05/02 6:36 a.m. • 39 views

Denial Of Service (DoS) Through Divide By Zero

QEMU is vulnerable to denial of service (DoS) through divide-by-zero attacks. This occurs in the cirrus_do_copy function in hw/display/cirrus_vga.c when the Cirrus graphics mode is VGA. Privileged users could cause a divide-by-zero error and a process crash via vectors involving blit pitch values...

CVSS 5.5 • AI score 6.6 • EPSS 0.00049
Exploits 0 • References 216 • Affected Software 2

Veracode • added 2019/05/02 6:01 a.m. • 39 views

Denial Of Service (DoS)

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet...

CVSS 9 • AI score 9.1 • EPSS 0.13388
Exploits 1 • References 20 • Affected Software 2

Veracode • added 2019/05/02 5:51 a.m. • 39 views

Information Disclosure

The libxml2 library is a development toolbox providing the implementation of various XML standards. Several denial of service flaws were found in libxml2, a library providing support for reading, modifying, and writing XML and HTML files. A remote attacker could provide a specially crafted XML or...

CVSS 7.1 • AI score 9.1 • EPSS 0.04711
Exploits 3 • References 33 • Affected Software 1

Veracode • added 2019/05/02 5:51 a.m. • 39 views

Denial Of Service (DoS)

The libxml2 library is a development toolbox providing the implementation of various XML standards. Several denial of service flaws were found in libxml2, a library providing support for reading, modifying, and writing XML and HTML files. A remote attacker could provide a specially crafted XML or...

CVSS 7.1 • AI score 9.2 • EPSS 0.04711
Exploits 3 • References 33 • Affected Software 1

Veracode • added 2019/05/02 5:40 a.m. • 39 views

Arbitrary Code Execution

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

CVSS 10 • AI score 5.7 • EPSS 0.02666
Exploits 0 • References 17 • Affected Software 2

Veracode • added 2019/05/02 5:39 a.m. • 39 views

Denial Of Service (DoS)

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS clie...

CVSS 7.5 • AI score 8.1 • EPSS 0.21559
Exploits 1 • References 13 • Affected Software 1

Veracode • added 2019/05/02 5:39 a.m. • 39 views

Arbitrary File Read And Write

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php54 packages provide a recent stable release of PHP with the PEAR 1.9.4, APC 3.1.15, and memcache 3.0.8 PECL extensions, and a number of additional utilities. The php54 packages have been upgraded to...

CVSS 6.5 • AI score 9.2 • EPSS 0.8832
Exploits 43 • References 24 • Affected Software 6

Veracode • added 2019/05/02 5:29 a.m. • 39 views

Denial Of Service (DoS)

file is vulnerable to denial of service. Multiple flaws were found in the way file parsed Executable and Linkable Format (ELF) files. A remote attacker could use these flaws to cause file to crash, disclose portions of its memory, or consume an excessive amount of system resources...

CVSS 5 • AI score 9 • EPSS 0.16453
Exploits 0 • References 23 • Affected Software 1

Veracode • added 2019/05/02 5:28 a.m. • 39 views

Denial Of Service (DoS)

HTTPS NIO Connector is vulnerable to Denial Of Service (DoS) attacks. The component Socket Handler's functionality is affected by opening a socket and not sending an SSL handshake, which results in a read-timeout vulnerability...

CVSS 7.5 • AI score 7.2 • EPSS 0.01813
Exploits 0 • References 24 • Affected Software 74

Veracode • added 2019/05/02 5:27 a.m. • 39 views

Denial Of Service (DoS)

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A denial of...

CVSS 8.6 • AI score 7.4 • EPSS 0.68972
Exploits 0 • References 32 • Affected Software 2

Veracode • added 2019/05/02 5:27 a.m. • 39 views

Out-Of-Bounds Read

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

CVSS 9.8 • AI score 8.2 • EPSS 0.86455
Exploits 9 • References 25 • Affected Software 2

Veracode • added 2019/05/02 5:21 a.m. • 39 views

XML External Entity (XXE)

OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...

CVSS 9.8 • AI score 8.6 • EPSS 0.87099
Exploits 12 • References 40 • Affected Software 53

Veracode • added 2019/05/02 5:20 a.m. • 39 views

Improper Access Control

Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird...

CVSS 10 • AI score 7.2 • EPSS 0.15477
Exploits 1 • References 47 • Affected Software 2

Veracode • added 2019/05/02 5:19 a.m. • 39 views

Cross-site Request Forgery (CSRF)

Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was discovered that sending requests containing large headers to the Web Console produced a Java OutOfMemoryError in the HTTP management interface. An attacker could use thi...

CVSS 6.8 • AI score 9.1 • EPSS 0.01515
Exploits 0 • References 37 • Affected Software 77

Veracode • added 2019/05/02 5:18 a.m. • 39 views

Denial Of Service (DoS)

jenkins is vulnerable to denial of service. A remotely authenticated user is able to cause a denial of service condition caused by improper plug-in and tool installation via malicious update center data...

CVSS 3.5 • AI score 7.1 • EPSS 0.00175
Exploits 0 • References 35 • Affected Software 58

Veracode • added 2019/05/02 5:17 a.m. • 39 views

Denial Of Service (DoS)

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update...

CVSS 5.7 • AI score 6.3 • EPSS 0.04017
Exploits 0 • References 19 • Affected Software 4

Veracode • added 2019/05/02 5:13 a.m. • 39 views

Denial Of Service (DoS)

Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion...

CVSS 5 • AI score 9.1 • EPSS 0.13653
Exploits 0 • References 13 • Affected Software 1

Veracode • added 2019/05/02 5:13 a.m. • 39 views

Sandbox Protection Bypass

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause t...

CVSS 10 • AI score 5.5 • EPSS 0.09204
Exploits 1 • References 12 • Affected Software 1

Veracode • added 2019/05/02 5:03 a.m. • 39 views

Information Disclosure

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A race condition leading to a use-after-free flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled the addition of fragments to the LRU (Last-Recently Used) list under certai...

CVSS 5.5 • AI score 6.8 • EPSS 0.49911
Exploits 18 • References 21 • Affected Software 1

Veracode • added 2019/05/02 5:01 a.m. • 39 views

Arbitrary Code Execution

Red Hat CloudForms Management Engine delivers the insight, control, and automation enterprises need to address the challenges of managing virtual environments, which are far more complex than physical ones. This technology enables enterprises with existing virtual infrastructures to improve...

CVSS 7.5 • AI score 7.1 • EPSS 0.11958
Exploits 3 • References 8 • Affected Software 6

Veracode • added 2019/05/02 5:01 a.m. • 39 views

Integer Overflow

PostgreSQL is an advanced object-relational database management system (DBMS). Multiple stack-based buffer overflow flaws were found in the date/time implementation of PostgreSQL. An authenticated database user could provide a specially crafted date/time value that, when processed, could cause...

CVSS 6.5 • AI score 10.1 • EPSS 0.06674
Exploits 6 • References 30 • Affected Software 4

Veracode • added 2019/05/02 5:01 a.m. • 39 views

Arbitrary Code Execution

IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...

CVSS 10 • AI score 5.5 • EPSS 0.16596
Exploits 3 • References 24 • Affected Software 1

Veracode • added 2019/05/02 4:56 a.m. • 39 views

Heap-based Out-Of-Bounds Write

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way IP packets with an Internet Header Length (ihl) of zero were processed in the skb_flow_dissect function in the Linux kernel. A remote attacker could use this flaw to trigger an infinit...

CVSS 7.1 • AI score 6.9 • EPSS 0.0497
Exploits 6 • References 20 • Affected Software 2

Veracode • added 2019/05/02 4:56 a.m. • 39 views

Denial Of Service (DoS)

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update...

CVSS 7.5 • AI score 9.9 • EPSS 0.20688
Exploits 0 • References 21 • Affected Software 2

Veracode • added 2019/05/02 4:54 a.m. • 39 views

Use-After-Free

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

CVSS 6.5 • AI score 7.9 • EPSS 0.21901
Exploits 5 • References 18 • Affected Software 3

Veracode • added 2019/05/02 4:52 a.m. • 39 views

Cross-Site Scripting (XSS)

Red Hat OpenShift Enterprise is a cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments. Refer to the Red Hat OpenShift Enterprise 1.1 Release Notes for information about the changes in this release. The Release Notes will be available shortly fr...

CVSS 7.5 • AI score 6.7 • EPSS 0.01017
Exploits 2 • References 45 • Affected Software 20

Veracode • added 2019/05/02 4:46 a.m. • 39 views

Privilege Escalation

An attack technique against the W3C XML Encryption Standard when block ciphers were used in CBC mode could allow a remote attacker to conduct chosen-ciphertext attacks, leading to the recovery of the entire plain text of a particular cryptogram. (CVE-2011-1096) JBoss Web Services leaked side-channe...

CVSS 5.9 • AI score 7 • EPSS 0.5129
Exploits 7 • References 34 • Affected Software 63

Veracode • added 2019/05/02 4:45 a.m. • 39 views

Memory Corruption

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

CVSS 10 • AI score 6.6 • EPSS 0.87365
Exploits 18 • References 20 • Affected Software 3

Veracode • added 2019/05/02 4:44 a.m. • 39 views

Improper Access Control

Oracle Java SE is vulnerable to improper access control. Remote unauthenticated attackers could bypass Java sandbox restrictions via the vulnerable RMI component...

CVSS 10 • AI score 9 • EPSS 0.0828
Exploits 0 • References 36 • Affected Software 3

Veracode • added 2019/05/02 4:44 a.m. • 39 views

Cross-Site Request Forgery (CSRF)

OpenShift Enterprise is a cloud computing Platform-as-a-Service (PaaS) solution from Red Hat, and is designed for on-premise or private cloud deployments. A flaw was found in the handling of paths provided to ruby193-rubygem-rack. A remote attacker could use this flaw to conduct a directory travers...

CVSS 7.5 • AI score 5.5 • EPSS 0.16071
Exploits 0 • References 9 • Affected Software 4

Veracode • added 2019/05/02 4:43 a.m. • 39 views

Cross-site Scripting (XSS)

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

CVSS 9.3 • AI score 9.8 • EPSS 0.8084
Exploits 5 • References 18 • Affected Software 3

Veracode • added 2019/05/02 4:41 a.m. • 39 views

Denial Of Service (DoS)

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update...

CVSS 9 • AI score 6 • EPSS 0.02532
Exploits 1 • References 20 • Affected Software 1

Veracode • added 2019/05/02 4:40 a.m. • 39 views

Denial Of Service (DoS)

MySQL is vulnerable to denial of service (DoS). It allows remote attackers to affect availability via unknown vectors...

CVSS 4 • AI score 5.3 • EPSS 0.00864
Exploits 0 • References 20 • Affected Software 1

Veracode • added 2019/02/11 5:24 a.m. • 39 views

Server-side Request Forgery (SSRF)

moodle/moodle is vulnerable to server-side request forgery (SSRF). The vulnerability allows an attacker to cause the server to issue requests to arbitrary hosts via the backpackurl in badges/backpack_form.php...

CVSS 10 • AI score 9.2 • EPSS 0.00264
Exploits 0 • References 6 • Affected Software 1

Veracode • added 2019/01/15 9:25 a.m. • 39 views

Remote Code Execution (RCE)

git is vulnerable to remote code execution. A remote attacker is able to execute arbitrary code during the processing of a recursive git clone of a superproject, when the .gitmodules file contains a URL field beginning with a '-' character...

CVSS 9.8 • AI score 9.8 • EPSS 0.59226
Exploits 12 • References 19 • Affected Software 2

Veracode • added 2019/01/15 9:23 a.m. • 39 views

Denial Of Service (DoS)

kernel-rt is vulnerable to denial of service (DoS) attacks. The vulnerability exists as net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a...

CVSS 7 • AI score 7 • EPSS 0.00074
Exploits 0 • References 11 • Affected Software 2

Veracode • added 2019/01/15 9:21 a.m. • 39 views

Local Privilege Escalation

kernel is vulnerable to arbitrary code execution attacks. The vulnerability exists as a statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in...

CVSS 7.8 • AI score 7.4 • EPSS 0.24723
Exploits 9 • References 50 • Affected Software 6

Veracode • added 2019/01/15 9:19 a.m. • 39 views

Remote Code Execution (RCE)

lucene-queryparser is vulnerable to remote code execution. This is possible through the use of an XML external entity expansion (XXE) attack and the Config API with the add-listener command...

CVSS 9.8 • AI score 9.6 • EPSS 0.93891
Exploits 11 • References 31 • Affected Software 14

Veracode • added 2019/01/15 9:19 a.m. • 39 views

Authentication Bypass

httpd is vulnerable to authentication bypass attacks. The vulnerability exists as the use of ap_get_basic_auth_pw by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed...

CVSS 9.8 • AI score 9.4 • EPSS 0.08717
Exploits 0 • References 58 • Affected Software 6

Veracode • added 2019/01/15 9:14 a.m. • 39 views

Remote Code Execution (RCE)

kernel is vulnerable to remote code execution (RCE) attacks. The vulnerability exists as a use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is...

CVSS 9.8 • AI score 9.3 • EPSS 0.14755
Exploits 0 • References 23 • Affected Software 2

Veracode • added 2019/01/15 9:11 a.m. • 39 views

Arbitrary Code Execution

jenkins is vulnerable to arbitrary code execution attacks. The vulnerability exists as the remoting module in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to execute arbitrary code by opening a JRMP listener...

CVSS 9.8 • AI score 9.5 • EPSS 0.3743
Exploits 2 • References 5 • Affected Software 30

Veracode • added 2019/01/15 8:58 a.m. • 39 views

Denial Of Service (DoS)

libxml2 is vulnerable to denial of service (DoS) attacks. The vulnerability exists as libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references ...

CVSS 4.3 • AI score 7.5 • EPSS 0.00672
Exploits 0 • References 14 • Affected Software 1

Veracode • added 2019/01/15 8:52 a.m. • 39 views

Cross-site Scripting (XSS)

actionpack gem is vulnerable to a cross-site scripting (XSS) vulnerability. The attacker can input a malicious string via actionpack/lib/action_view/helpers/translation_helper.rb to trigger generation of a fallback string by the i18n gem...

CVSS 4.3 • AI score 5.2 • EPSS 0.00713
Exploits 0 • References 16 • Affected Software 12

Veracode • added 2019/01/15 8:52 a.m. • 39 views

Cross-site Scripting (XSS)

httpd is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject arbitrary JavaScript into a victim's browser via hostnames and URIs in the mod_imagemap, mod_info, mod_ldap, mod_proxy_ftp and mod_status modules...

CVSS 4.3 • AI score 5.9 • EPSS 0.21581
Exploits 2 • References 58 • Affected Software 108

Veracode • added 2019/01/15 8:52 a.m. • 39 views

Authorization Bypass

mysql is vulnerable to authorization bypass attacks. The vulnerability exists as MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments...

CVSS 4.4 • AI score 4.6 • EPSS 0.00086
Exploits 4 • References 15 • Affected Software 1

Veracode • added 2018/11/13 6:55 a.m. • 39 views

HTTP Request Smuggling

Apache Tomcat is vulnerable to HTTP request smuggling. Incorrect handling of HTTP requests allows a remote attacker to poison the web cache, bypass web application firewall protections or perform XSS attacks. The vulnerability is exploited by submitting crafted values for the Transfer-Encoding an...

CVSS 4.3 • AI score 5.6 • EPSS 0.71377
Exploits 4 • References 103 • Affected Software 4

Total number of security vulnerabilities: 5000