Redhat Enterprise Linux vulnerabilities

CVE-2011-1145 [HIGH] CWE-120 CVE-2011-1145: The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow conditio The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.

CVE-2012-1155 [HIGH] CWE-200 CVE-2012-1155: Moodle has a database activity export permission issue where the export function of the database act Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to

CVE-2012-1156 [HIGH] CWE-532 CVE-2012-1156: Moodle before 2.2.2 has users' private files included in course backups Moodle before 2.2.2 has users' private files included in course backups

CVE-2012-1168 [HIGH] CWE-20 CVE-2012-1168: Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified.

CVE-2019-11135 [MEDIUM] CWE-385 CVE-2019-11135: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authentic TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

CVE-2010-4661 [HIGH] CWE-434 CVE-2010-4661: udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules. udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.

CVE-2010-4664 [HIGH] CWE-269 CVE-2010-4664: In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allo In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session.

CVE-2010-4657 [HIGH] CWE-772 CVE-2010-4657: PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which ar PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output.

CVE-2011-2897 [CRITICAL] CWE-20 CVE-2011-2897: gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw

CVE-2019-14824 [MEDIUM] CWE-732 CVE-2019-14824: A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes.

CVE-2019-18805 [CRITICAL] CWE-190 CVE-2019-18805: An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6.

CVE-2019-18811 [MEDIUM] CWE-401 CVE-2019-18811: A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kern A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering sof_get_ctrl_copy_params() failures, aka CID-45c1380358b1.

CVE-2014-8181 [MEDIUM] CWE-665 CVE-2014-8181: The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, whi The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leaking sensitive information to userspace.

CVE-2013-5661 [MEDIUM] CWE-290 CVE-2013-5661: Cache Poisoning issue exists in DNS Response Rate Limiting. Cache Poisoning issue exists in DNS Response Rate Limiting.

CVE-2016-4983 [LOW] CWE-732 CVE-2016-4983: A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files.

CVE-2016-1000002 [LOW] CWE-200 CVE-2016-1000002: gdm3 3.14.2 and possibly later has an information leak before screen lock gdm3 3.14.2 and possibly later has an information leak before screen lock

CVE-2015-8980 [CRITICAL] CWE-20 CVE-2015-8980: The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attac The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code.

CVE-2013-4409 [CRITICAL] CWE-20 CVE-2013-4409: An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests.

CVE-2013-4251 [HIGH] CWE-269 CVE-2013-4251: The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories. The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories.

CVE-2005-4890 [HIGH] CWE-20 CVE-2005-4890: There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - use There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process.