Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
15490 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-24490 | 3 Bluez, Linux, Redhat | 3 Bluez, Linux Kernel, Enterprise Linux | 2024-11-21 | 6.5 Medium |
| Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all Linux kernel versions that support BlueZ. | ||||
| CVE-2020-24489 | 3 Debian, Intel, Redhat | 221 Debian Linux, Atom X5-e3930, Atom X5-e3940 and 218 more | 2024-11-21 | 8.8 High |
| Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2020-24394 | 6 Canonical, Linux, Opensuse and 3 more | 11 Ubuntu Linux, Linux Kernel, Leap and 8 more | 2024-11-21 | 7.1 High |
| In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered. | ||||
| CVE-2020-24386 | 4 Debian, Dovecot, Fedoraproject and 1 more | 4 Debian Linux, Dovecot, Fedora and 1 more | 2024-11-21 | 6.8 Medium |
| An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled parameters, leading to access to other users' email messages (and path disclosure). | ||||
| CVE-2020-24332 | 3 Fedoraproject, Redhat, Trustedcomputinggroup | 3 Fedora, Enterprise Linux, Trousers | 2024-11-21 | 5.5 Medium |
| An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the creation of the system.data file is prone to symlink attacks. The tss user can be used to create or corrupt existing files, which could possibly lead to a DoS attack. | ||||
| CVE-2020-24331 | 3 Fedoraproject, Redhat, Trousers Project | 3 Fedora, Enterprise Linux, Trousers | 2024-11-21 | 7.8 High |
| An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file (which contains various settings related to this daemon). | ||||
| CVE-2020-24330 | 3 Fedoraproject, Redhat, Trousers Project | 3 Fedora, Enterprise Linux, Trousers | 2024-11-21 | 7.8 High |
| An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed. | ||||
| CVE-2020-24303 | 2 Grafana, Redhat | 2 Grafana, Enterprise Linux | 2024-11-21 | 6.1 Medium |
| Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource. | ||||
| CVE-2020-23903 | 3 Fedoraproject, Redhat, Xiph | 3 Fedora, Enterprise Linux, Speex | 2024-11-21 | 5.5 Medium |
| A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. | ||||
| CVE-2020-22219 | 2 Flac Project, Redhat | 6 Flac, Enterprise Linux, Rhel Aus and 3 more | 2024-11-21 | 7.8 High |
| Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder. | ||||
| CVE-2020-22218 | 2 Libssh2, Redhat | 2 Libssh2, Enterprise Linux | 2024-11-21 | 7.5 High |
| An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory. | ||||
| CVE-2020-22217 | 3 C-ares, Debian, Redhat | 4 C-ares, Debian Linux, Enterprise Linux and 1 more | 2024-11-21 | 5.9 Medium |
| Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply in ares_parse_soa_reply.c. | ||||
| CVE-2020-21710 | 2 Artifex, Redhat | 2 Ghostscript, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| A divide by zero issue discovered in eps_print_page in gdevepsn.c in Artifex Software GhostScript 9.50 allows remote attackers to cause a denial of service via opening of crafted PDF file. | ||||
| CVE-2020-1983 | 6 Canonical, Debian, Fedoraproject and 3 more | 9 Ubuntu Linux, Debian Linux, Fedora and 6 more | 2024-11-21 | 7.5 High |
| A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service. | ||||
| CVE-2020-1971 | 9 Debian, Fedoraproject, Netapp and 6 more | 55 Debian Linux, Fedora, Active Iq Unified Manager and 52 more | 2024-11-21 | 5.9 Medium |
| The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the "-crl_download" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w). | ||||
| CVE-2020-1935 | 7 Apache, Canonical, Debian and 4 more | 25 Tomcat, Ubuntu Linux, Debian Linux and 22 more | 2024-11-21 | 4.8 Medium |
| In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely. | ||||
| CVE-2020-1934 | 7 Apache, Canonical, Debian and 4 more | 13 Http Server, Ubuntu Linux, Debian Linux and 10 more | 2024-11-21 | 5.3 Medium |
| In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server. | ||||
| CVE-2020-1931 | 2 Apache, Redhat | 2 Spamassassin, Enterprise Linux | 2024-11-21 | 8.1 High |
| A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious Configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805. This issue is less stealthy and attempts to exploit the issue will throw warnings. Thanks to Damian Lukowski at credativ for reporting the issue ethically. With this bug unpatched, exploits can be injected in a number of scenarios though doing so remotely is difficult. In addition to upgrading to SA 3.4.4, we again recommend that users should only use update channels or 3rd party .cf files from trusted places. | ||||
| CVE-2020-1930 | 2 Apache, Redhat | 2 Spamassassin, Enterprise Linux | 2024-11-21 | 8.1 High |
| A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious rule configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805. With this bug unpatched, exploits can be injected in a number of scenarios including the same privileges as spamd is run which may be elevated though doing so remotely is difficult. In addition to upgrading to SA 3.4.4, we again recommend that users should only use update channels or 3rd party .cf files from trusted places. If you cannot upgrade, do not use 3rd party rulesets, do not use sa-compile and do not run spamd as an account with elevated privileges. | ||||
| CVE-2020-1927 | 9 Apache, Broadcom, Canonical and 6 more | 17 Http Server, Brocade Fabric Operating System, Ubuntu Linux and 14 more | 2024-11-21 | 6.1 Medium |
| In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL. | ||||