Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_linux
(Redhat)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2016-06-09 | CVE-2016-2150 | SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261. | Debian_linux, Leap, Opensuse, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_hpc_node_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation, Spice | 7.1 | ||
2018-10-24 | CVE-2016-10730 | An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. Amstar is an Amanda Application API script. It should not be run by users directly. It uses star to backup and restore data. It runs binaries with root permissions when parsing the command line argument --star-path. | Enterprise_linux, Amanda | 7.8 | ||
2018-10-24 | CVE-2016-10729 | An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied after --create, allowing users to manipulate commands and perform command injection as root. | Debian_linux, Enterprise_linux, Amanda | 7.8 | ||
2016-04-19 | CVE-2016-0741 | slapd/connection.c in 389 Directory Server (formerly Fedora Directory Server) 1.3.4.x before 1.3.4.7 allows remote attackers to cause a denial of service (infinite loop and connection blocking) by leveraging an abnormally closed connection. | 389_directory_server, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_hpc_node, Enterprise_linux_server, Enterprise_linux_workstation | 7.5 | ||
2016-04-13 | CVE-2016-0739 | libssh before 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug." | Ubuntu_linux, Debian_linux, Fedora, Libssh, Enterprise_linux | 5.9 | ||
2016-04-21 | CVE-2016-0665 | Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Security: Encryption. | Ubuntu_linux, Mysql, Enterprise_linux | 5.5 | ||
2016-04-21 | CVE-2016-0661 | Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Options. | Ubuntu_linux, Mysql, Enterprise_linux | 4.7 | ||
2016-04-21 | CVE-2016-0655 | Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to InnoDB. | Debian_linux, Mariadb, Leap, Mysql, Enterprise_linux | 4.7 | ||
2016-04-21 | CVE-2016-0643 | Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect confidentiality via vectors related to DML. | Debian_linux, Powerkvm, Mariadb, Leap, Mysql, Enterprise_linux | 3.3 | ||
2016-04-21 | CVE-2016-0639 | Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Pluggable Authentication. | Mysql, Enterprise_linux | 9.8 |