Enterprise_linux_server_aus - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Enterprise_linux_server_aus
(Redhat)

Repositories

• https://github.com/torvalds/linux
• https://github.com/krb5/krb5
• https://github.com/libarchive/libarchive
• https://github.com/rubygems/rubygems
• https://github.com/the-tcpdump-group/tcpdump

• https://github.com/mdadams/jasper
• https://github.com/neomutt/neomutt
• https://github.com/mysql/mysql-server
• https://github.com/newsoft/libvncserver
• https://github.com/golang/go
• git://git.openssl.org/openssl.git
• https://github.com/apache/httpd
• https://github.com/dajobe/raptor
• https://github.com/mm2/Little-CMS
• https://github.com/qos-ch/slf4j
• https://github.com/uclouvain/openjpeg
• https://github.com/FreeRDP/FreeRDP
• https://github.com/Perl/perl5
• https://github.com/openssh/openssh-portable
• https://github.com/jpirko/libndp
• https://github.com/szukw000/openjpeg
• https://github.com/sosreport/sos-collector
• https://github.com/openbsd/src
• https://github.com/paramiko/paramiko
• https://github.com/mjg59/linux
• https://github.com/ImageMagick/ImageMagick
• https://github.com/git/git
• https://github.com/karelzak/util-linux
• https://github.com/GNOME/evince
• https://git.savannah.gnu.org/git/patch.git
• https://github.com/UNINETT/mod_auth_mellon
• https://github.com/flori/json
• https://github.com/flatpak/flatpak
• https://github.com/vadz/libtiff

#Vulnerabilities

1045

Date	Id	Summary	Products	Score	Patch	Annotated
2022-02-18	CVE-2016-2124	A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.	Ubuntu_linux, Debian_linux, Fedora, Codeready_linux_builder, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_for_scientific_computing, Enterprise_linux_resilient_storage, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_server_update_services_for_sap_solutions, Enterprise_linux_tus, Enterprise_linux_workstation, Gluster_storage, Openstack, Virtualization_host, Samba	5.9
2014-03-19	CVE-2014-1505	The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693.	Ubuntu_linux, Debian_linux, Firefox, Firefox_esr, Seamonkey, Thunderbird, Suse_linux_enterprise_software_development_kit, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server	7.5
2015-04-01	CVE-2015-2808	The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.	Ubuntu_linux, Debian_linux, Sparc_enterprise_m3000_firmware, Sparc_enterprise_m4000_firmware, Sparc_enterprise_m5000_firmware, Sparc_enterprise_m8000_firmware, Sparc_enterprise_m9000_firmware, 9700_firmware, E6000_firmware, E9000_firmware, Oceanstor_18500_firmware, Oceanstor_18800_firmware, Oceanstor_18800f_firmware, Oceanstor_9000_firmware, Oceanstor_cse_firmware, Oceanstor_hvs85t_firmware, Oceanstor_replicationdirector, Oceanstor_s2600t_firmware, Oceanstor_s5500t_firmware, Oceanstor_s5600t_firmware, Oceanstor_s5800t_firmware, Oceanstor_s6800t_firmware, Oceanstor_vis6600t_firmware, Policy_center, Quidway_s9300_firmware, S12700_firmware, S2700_firmware, S2750_firmware, S3700_firmware, S5700ei_firmware, S5700hi_firmware, S5700li_firmware, S5700s\-Li_firmware, S5700si_firmware, S5710ei_firmware, S5710hi_firmware, S5720ei_firmware, S5720hi_firmware, S6700_firmware, S7700_firmware, Smc2\.0, Te60_firmware, Ultravr, Cognos_metrics_manager, Opensuse, Communications_application_session_controller, Communications_policy_management, Http_server, Integrated_lights_out_manager_firmware, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Satellite, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Manager	N/A
2019-05-07	CVE-2019-11811	An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.	Linux_kernel, Leap, Enterprise_linux, Enterprise_linux_aus, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation	7.0
2019-11-25	CVE-2019-14815	A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.	Linux_kernel, Altavault, Baseboard_management_controller, Hci, Solidfire, Solidfire_baseboard_management_controller_firmware, Steelstore, Codeready_linux_builder_eus, Codeready_linux_builder_for_power_little_endian_eus, Enterprise_linux, Enterprise_linux_for_ibm_z_systems_\(Structure_a\), Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_real_time, Enterprise_linux_for_real_time_for_nfv, Enterprise_linux_for_real_time_for_nfv_tus, Enterprise_linux_for_real_time_tus, Enterprise_linux_server_aus, Enterprise_linux_server_tus	7.8
2019-09-20	CVE-2019-14816	There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.	Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, A220_firmware, A320_firmware, A700s_firmware, A800_firmware, C190_firmware, Data_availability_services, Fas2720_firmware, Fas2750_firmware, H300e_firmware, H300s_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610s_firmware, H700e_firmware, H700s_firmware, Hci_management_node, Service_processor, Solidfire, Steelstore_cloud_integrated_storage, Leap, Enterprise_linux, Enterprise_linux_compute_node_eus, Enterprise_linux_eus, Enterprise_linux_for_power_big_endian_eus, Enterprise_linux_for_real_time, Enterprise_linux_for_real_time_for_nfv, Enterprise_linux_for_real_time_for_nfv_tus, Enterprise_linux_for_real_time_tus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_tus, Messaging_realtime_grid, Virtualization	7.8
2018-03-16	CVE-2018-1068	A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.	Ubuntu_linux, Debian_linux, Linux_kernel, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Virtualization_host	6.7
2019-01-16	CVE-2017-3145	BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1.	Debian_linux, Bind, Junos, Data_ontap_edge, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation	7.5
2018-03-23	CVE-2018-1000140	rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to rsyslog and trigger a stack buffer overflow by sending a specially crafted x509 certificate.	Ubuntu_linux, Debian_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Librelp	9.8
2019-01-16	CVE-2019-2535	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1...	Oncommand_unified_manager, Oncommand_workflow_automation, Snapcenter, Storage_automation_store, Mysql, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Software_collections	4.1