Enterprise_linux_server - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Enterprise_linux_server
(Redhat)

Repositories

• https://github.com/torvalds/linux
• https://github.com/krb5/krb5
• https://github.com/ceph/ceph
• https://github.com/libarchive/libarchive
• https://github.com/kyz/libmspack

• https://github.com/LibRaw/LibRaw
• https://github.com/rubygems/rubygems
• https://github.com/madler/zlib
• https://github.com/the-tcpdump-group/tcpdump
• https://github.com/fedora-selinux/setroubleshoot
• https://github.com/mdadams/jasper
• https://github.com/ntp-project/ntp
• https://github.com/neomutt/neomutt
• https://github.com/mm2/Little-CMS
• https://github.com/openbsd/src
• https://github.com/abrt/abrt
• https://github.com/mysql/mysql-server
• https://github.com/golang/go
• git://git.openssl.org/openssl.git
• https://github.com/dajobe/raptor
• https://github.com/Katello/katello
• https://github.com/opencontainers/runc
• https://github.com/openstack/swift
• https://github.com/qos-ch/slf4j
• https://github.com/uclouvain/openjpeg
• https://github.com/SELinuxProject/selinux
• https://github.com/ClusterLabs/pacemaker
• https://github.com/FreeRDP/FreeRDP
• https://github.com/Perl/perl5
• https://github.com/jpirko/libndp
• https://github.com/candlepin/subscription-manager
• https://github.com/dogtagpki/pki
• https://github.com/szukw000/openjpeg
• https://github.com/rpm-software-management/yum-utils
• https://github.com/sosreport/sos-collector
• https://github.com/requests/requests
• https://github.com/glennrp/libpng
• https://github.com/paramiko/paramiko
• https://github.com/ImageMagick/ImageMagick
• https://github.com/git/git
• https://github.com/karelzak/util-linux
• https://github.com/GNOME/evince
• https://git.savannah.gnu.org/git/patch.git
• https://github.com/UNINETT/mod_auth_mellon
• https://github.com/flori/json
• https://github.com/flatpak/flatpak
• https://github.com/libguestfs/hivex
• https://github.com/vadz/libtiff
• https://github.com/jquery/jquery-ui

#Vulnerabilities

1891

Date	Id	Summary	Products	Score	Patch	Annotated
2020-02-11	CVE-2020-6416	Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Fedora, Chrome, Backports_sle, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Package_hub	8.8
2020-02-12	CVE-2020-8945	The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification.	Fedora, Gpgme, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_power_little_endian, Enterprise_linux_server, Enterprise_linux_workstation, Openshift_container_platform, Openshift_container_platform_for_ibm_z, Openshift_container_platform_for_linuxone	7.5
2020-02-13	CVE-2020-3757	Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and earlier, 32.0.0.321 and earlier, and 32.0.0.255 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.	Flash_player, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	8.8
2020-02-27	CVE-2020-6383	Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	8.8
2020-02-27	CVE-2020-6384	Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	8.8
2020-02-27	CVE-2020-6386	Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	8.8
2020-02-27	CVE-2020-6418	Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	8.8
2020-07-13	CVE-2020-14298	The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the container host and other containers running on the same host. This issue only affects docker version 1.13.1-108.git4ef4b30.el7, shipped in Red Hat Enterprise Linux 7 Extras. Both earlier and later...	Docker, Enterprise_linux_server, Openshift_container_platform	8.8
2020-07-13	CVE-2020-14300	The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes. One of the fixes regressed in that update was the fix for CVE-2016-9962, that was previously corrected in the docker packages in Red Hat Enterprise Linux 7 Extras via RHSA-2017:0116...	Docker, Enterprise_linux_server	8.8
2020-10-27	CVE-2020-3864	A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin.	Icloud, Ipados, Iphone_os, Itunes, Safari, Tvos, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	7.8