Enterprise_linux_server_aus - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Enterprise_linux_server_aus
(Redhat)

Repositories

• https://github.com/torvalds/linux
• https://github.com/krb5/krb5
• https://github.com/libarchive/libarchive
• https://github.com/rubygems/rubygems
• https://github.com/the-tcpdump-group/tcpdump

• https://github.com/mdadams/jasper
• https://github.com/neomutt/neomutt
• https://github.com/mysql/mysql-server
• https://github.com/newsoft/libvncserver
• https://github.com/golang/go
• git://git.openssl.org/openssl.git
• https://github.com/dajobe/raptor
• https://github.com/mm2/Little-CMS
• https://github.com/qos-ch/slf4j
• https://github.com/uclouvain/openjpeg
• https://github.com/FreeRDP/FreeRDP
• https://github.com/Perl/perl5
• https://github.com/apache/httpd
• https://github.com/openssh/openssh-portable
• https://github.com/jpirko/libndp
• https://github.com/szukw000/openjpeg
• https://github.com/sosreport/sos-collector
• https://github.com/openbsd/src
• https://github.com/paramiko/paramiko
• https://github.com/mjg59/linux
• https://github.com/ImageMagick/ImageMagick
• https://github.com/git/git
• https://github.com/karelzak/util-linux
• https://github.com/GNOME/evince
• https://git.savannah.gnu.org/git/patch.git
• https://github.com/UNINETT/mod_auth_mellon
• https://github.com/flori/json
• https://github.com/flatpak/flatpak
• https://github.com/vadz/libtiff

#Vulnerabilities

1032

Date	Id	Summary	Products	Score	Patch	Annotated
2018-01-18	CVE-2018-2641	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded,...	Ubuntu_linux, Debian_linux, Xp7_command_view, Xp_command_view, Xp_p9000_command_view, Jdk, Jre, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Satellite, Struxureware_data_center_expert	6.1
2018-01-18	CVE-2018-2677	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in...	Ubuntu_linux, Debian_linux, Xp7_command_view, Xp_command_view, Xp_p9000_command_view, Jdk, Jre, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Satellite, Struxureware_data_center_expert	4.3
2018-01-18	CVE-2018-2678	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of...	Ubuntu_linux, Debian_linux, Xp7_command_view, Xp_command_view, Xp_p9000_command_view, Jdk, Jre, Jrockit, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Satellite, Struxureware_data_center_expert	4.3
2009-03-06	CVE-2009-0834	The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.	Ubuntu_linux, Debian_linux, Linux_kernel, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_workstation, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit	N/A
2011-02-18	CVE-2011-1044	The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially filled, a different vulnerability than CVE-2010-4649.	Linux_kernel, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_workstation	N/A
2012-01-18	CVE-2012-0031	scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.	Http_server, Debian_linux, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_workstation, Jboss_enterprise_web_server, Storage, Linux_enterprise_server, Linux_enterprise_software_development_kit	N/A
2012-03-22	CVE-2011-3045	Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.	Debian_linux, Fedora, Chrome, Libpng, Opensuse, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation, Gluster_storage, Storage, Storage_for_public_cloud	N/A
2013-06-10	CVE-2013-1862	mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.	Http_server, Ubuntu_linux, Opensuse, Http_server, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_workstation, Jboss_enterprise_application_platform	N/A
2014-04-15	CVE-2013-5704	The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."	Http_server, Mac_os_x, Mac_os_x_server, Ubuntu_linux, Enterprise_manager_ops_center, Http_server, Linux, Solaris, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Jboss_enterprise_web_server	N/A
2014-07-03	CVE-2014-4656	Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to (1) index values in the snd_ctl_add function and (2) numid values in the snd_ctl_remove_numid_conflict function.	Ubuntu_linux, Linux_kernel, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Linux_enterprise_server	N/A