Filtered by vendor Redhat Subscriptions
Total 22739 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-1000007 5 Canonical, Debian, Fujitsu and 2 more 27 Ubuntu Linux, Debian Linux, M10-1 and 24 more 2024-11-21 9.8 Critical
libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequent hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using client's request.
CVE-2018-1000005 4 Canonical, Debian, Haxx and 1 more 4 Ubuntu Linux, Debian Linux, Libcurl and 1 more 2024-11-21 N/A
libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The problem is that the code that creates HTTP/1-like headers from the HTTP/2 trailer data once appended a string like `:` to the target buffer, while this was recently changed to `: ` (a space was added after the colon) but the following math wasn't updated correspondingly. When accessed, the data is read out of bounds and causes either a crash or that the (too large) data gets passed to client write. This could lead to a denial-of-service situation or an information disclosure if someone has a service that echoes back or uses the trailers for something.
CVE-2018-1000004 2 Linux, Redhat 5 Linux Kernel, Enterprise Linux, Enterprise Mrg and 2 more 2024-11-21 N/A
In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.
CVE-2018-1000001 3 Canonical, Gnu, Redhat 10 Ubuntu Linux, Glibc, Enterprise Linux and 7 more 2024-11-21 N/A
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
CVE-2018-0875 2 Microsoft, Redhat 3 Asp.net Core, Powershell Core, Rhel Dotnet 2024-11-21 N/A
.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 allow a denial of Service vulnerability due to how specially crafted requests are handled, aka ".NET Core Denial of Service Vulnerability".
CVE-2018-0764 2 Microsoft, Redhat 11 .net Core, .net Framework, Powershell Core and 8 more 2024-11-21 N/A
Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of service vulnerability due to the way XML documents are processed, aka ".NET and .NET Core Denial Of Service Vulnerability". This CVE is unique from CVE-2018-0765.
CVE-2018-0739 4 Canonical, Debian, Openssl and 1 more 6 Ubuntu Linux, Debian Linux, Openssl and 3 more 2024-11-21 N/A
Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n).
CVE-2018-0737 3 Canonical, Openssl, Redhat 4 Ubuntu Linux, Openssl, Enterprise Linux and 1 more 2024-11-21 N/A
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).
CVE-2018-0735 7 Canonical, Debian, Netapp and 4 more 24 Ubuntu Linux, Debian Linux, Cloud Backup and 21 more 2024-11-21 5.9 Medium
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).
CVE-2018-0734 7 Canonical, Debian, Netapp and 4 more 23 Ubuntu Linux, Debian Linux, Cloud Backup and 20 more 2024-11-21 5.9 Medium
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).
CVE-2018-0732 5 Canonical, Debian, Nodejs and 2 more 7 Ubuntu Linux, Debian Linux, Node.js and 4 more 2024-11-21 7.5 High
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).
CVE-2018-0618 3 Debian, Gnu, Redhat 3 Debian Linux, Mailman, Enterprise Linux 2024-11-21 N/A
Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2018-0505 3 Debian, Mediawiki, Redhat 3 Debian Linux, Mediawiki, Openshift 2024-11-21 N/A
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock
CVE-2018-0504 3 Debian, Mediawiki, Redhat 3 Debian Linux, Mediawiki, Openshift 2024-11-21 N/A
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains an information disclosure flaw in the Special:Redirect/logid
CVE-2018-0503 3 Debian, Mediawiki, Redhat 3 Debian Linux, Mediawiki, Openshift 2024-11-21 N/A
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where contrary to the documentation, $wgRateLimits entry for 'user' overrides that for 'newbie'.
CVE-2018-0500 3 Canonical, Haxx, Redhat 3 Ubuntu Linux, Curl, Jboss Core Services 2024-11-21 N/A
Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits over SMTP with certain settings (i.e., use of a nonstandard --limit-rate argument or CURLOPT_BUFFERSIZE value).
CVE-2018-0495 5 Canonical, Debian, Gnupg and 2 more 14 Ubuntu Linux, Debian Linux, Libgcrypt and 11 more 2024-11-21 N/A
Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
CVE-2018-0494 4 Canonical, Debian, Gnu and 1 more 7 Ubuntu Linux, Debian Linux, Wget and 4 more 2024-11-21 N/A
GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.
CVE-2017-9120 3 Netapp, Php, Redhat 3 Storage Automation Store, Php, Rhel Software Collections 2024-11-21 9.8 Critical
PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string.
CVE-2017-9118 3 Netapp, Php, Redhat 3 Storage Automation Store, Php, Rhel Software Collections 2024-11-21 7.5 High
PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a crafted preg_replace call.