Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
15490 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-29660 | 6 Broadcom, Debian, Fedoraproject and 3 more | 18 Fabric Operating System, Debian Linux, Fedora and 15 more | 2024-11-21 | 4.4 Medium |
| A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24. | ||||
| CVE-2020-29652 | 2 Golang, Redhat | 4 Ssh, Container Native Virtualization, Enterprise Linux and 1 more | 2024-11-21 | 7.5 High |
| A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers. | ||||
| CVE-2020-29623 | 4 Apple, Fedoraproject, Redhat and 1 more | 9 Ipados, Iphone Os, Mac Os X and 6 more | 2024-11-21 | 3.3 Low |
| "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing history. | ||||
| CVE-2020-29599 | 3 Debian, Imagemagick, Redhat | 3 Debian Linux, Imagemagick, Enterprise Linux | 2024-11-21 | 7.8 High |
| ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via coders/pdf.c. | ||||
| CVE-2020-29573 | 3 Gnu, Netapp, Redhat | 9 Glibc, Cloud Backup, Solidfire Baseboard Management Controller and 6 more | 2024-11-21 | 7.5 High |
| sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of "Fixed for glibc 2.33" in the 26649 reference. | ||||
| CVE-2020-29443 | 3 Debian, Qemu, Redhat | 5 Debian Linux, Qemu, Advanced Virtualization and 2 more | 2024-11-21 | 3.9 Low |
| ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated. | ||||
| CVE-2020-29368 | 3 Linux, Netapp, Redhat | 11 Linux Kernel, Cloud Backup, Element Software and 8 more | 2024-11-21 | 7.0 High |
| An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1. | ||||
| CVE-2020-29363 | 4 Debian, Oracle, P11-kit Project and 1 more | 4 Debian Linux, Communications Cloud Native Core Policy, P11-kit and 1 more | 2024-11-21 | 7.5 High |
| An issue was discovered in p11-kit 0.23.6 through 0.23.21. A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library. When the remote entity supplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may not allocate sufficient length for the buffer to store the deserialized value. | ||||
| CVE-2020-29362 | 2 P11-kit Project, Redhat | 2 P11-kit, Enterprise Linux | 2024-11-21 | 5.3 Medium |
| An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS#11 function call, the receiving entity may allow the reading of up to 4 bytes of memory past the heap allocation. | ||||
| CVE-2020-29361 | 3 Debian, P11-kit Project, Redhat | 3 Debian Linux, P11-kit, Enterprise Linux | 2024-11-21 | 7.5 High |
| An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc. | ||||
| CVE-2020-29130 | 4 Debian, Fedoraproject, Libslirp Project and 1 more | 4 Debian Linux, Fedora, Libslirp and 1 more | 2024-11-21 | 4.3 Medium |
| slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. | ||||
| CVE-2020-29129 | 4 Debian, Fedoraproject, Libslirp Project and 1 more | 4 Debian Linux, Fedora, Libslirp and 1 more | 2024-11-21 | 4.3 Medium |
| ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. | ||||
| CVE-2020-28974 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2024-11-21 | 5.0 Medium |
| A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height. | ||||
| CVE-2020-28948 | 5 Debian, Drupal, Fedoraproject and 2 more | 6 Debian Linux, Drupal, Fedora and 3 more | 2024-11-21 | 7.8 High |
| Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. | ||||
| CVE-2020-28935 | 3 Debian, Nlnetlabs, Redhat | 5 Debian Linux, Name Server Daemon, Unbound and 2 more | 2024-11-21 | 5.5 Medium |
| NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writing. In case the file was already present, they would follow symlinks if the file happened to be a symlink instead of a regular file. An additional chown of the file would then take place after it was written, making the user Unbound/NSD is supposed to run as the new owner of the file. If an attacker has local access to the user Unbound/NSD runs as, she could create a symlink in place of the PID file pointing to a file that she would like to erase. If then Unbound/NSD is killed and the PID file is not cleared, upon restarting with root privileges, Unbound/NSD will rewrite any file pointed at by the symlink. This is a local vulnerability that could create a Denial of Service of the system Unbound/NSD is running on. It requires an attacker having access to the limited permission user Unbound/NSD runs as and point through the symlink to a critical file on the system. | ||||
| CVE-2020-28916 | 3 Debian, Qemu, Redhat | 3 Debian Linux, Qemu, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address. | ||||
| CVE-2020-28915 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhev Hypervisor | 2024-11-21 | 5.8 Medium |
| A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def. | ||||
| CVE-2020-28896 | 4 Debian, Mutt, Neomutt and 1 more | 4 Debian Linux, Mutt, Neomutt and 1 more | 2024-11-21 | 5.3 Medium |
| Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $ssl_force_tls was processed if an IMAP server's initial server response was invalid. The connection was not properly closed, and the code could continue attempting to authenticate. This could result in authentication credentials being exposed on an unencrypted connection, or to a machine-in-the-middle. | ||||
| CVE-2020-28852 | 2 Golang, Redhat | 5 Text, Acm, Enterprise Linux and 2 more | 2024-11-21 | 7.5 High |
| In x/text in Go before v0.3.5, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.) | ||||
| CVE-2020-28851 | 2 Golang, Redhat | 5 Go, Acm, Enterprise Linux and 2 more | 2024-11-21 | 7.5 High |
| In x/text in Go 1.15.4, an "index out of range" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.) | ||||