Filtered by vendor Redhat Subscriptions
Filtered by product Rhel Software Collections Subscriptions
Total 1793 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2013-2099 3 Canonical, Python, Redhat 8 Ubuntu Linux, Python, Openstack and 5 more 2024-11-21 N/A
Algorithmic complexity vulnerability in the ssl.match_hostname function in Python 3.2.x, 3.3.x, and earlier, and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcard characters in the common name in a certificate.
CVE-2013-1753 2 Python, Redhat 3 Python, Enterprise Linux, Rhel Software Collections 2024-11-21 7.5 High
The gzip_decode function in the xmlrpc client library in Python 3.4 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP request.
CVE-2012-5615 3 Mariadb, Oracle, Redhat 5 Mariadb, Mysql, Enterprise Linux and 2 more 2024-11-21 N/A
Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames.
CVE-2011-2767 4 Apache, Canonical, Debian and 1 more 8 Mod Perl, Ubuntu Linux, Debian Linux and 5 more 2024-11-21 N/A
mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes.
CVE-2009-5147 2 Redhat, Ruby-lang 2 Rhel Software Collections, Ruby 2024-11-21 N/A
DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel 648, and 2.1 before 2.1.8 opens libraries with tainted names.
CVE-2007-4559 2 Python, Redhat 4 Python, Enterprise Linux, Rhel Eus and 1 more 2024-11-21 5.5 Medium
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.
CVE-2022-27458 1 Redhat 2 Enterprise Linux, Rhel Software Collections 2024-05-02 7.5 High
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-27447. Reason: This candidate is a reservation duplicate of CVE-2022-27447. Notes: All CVE users should reference CVE-2022-27447 instead of this candidate.
CVE-2021-20095 1 Redhat 2 Enterprise Linux, Rhel Software Collections 2023-11-07 7.8 High
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none
CVE-2016-5617 1 Redhat 2 Enterprise Linux, Rhel Software Collections 2023-11-07 N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6664. Reason: This candidate is a reservation duplicate of CVE-2016-6664. Notes: All CVE users should reference CVE-2016-6664 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2016-5616 1 Redhat 2 Enterprise Linux, Rhel Software Collections 2023-11-07 N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6663. Reason: This candidate is a reservation duplicate of CVE-2016-6663. Notes: All CVE users should reference CVE-2016-6663 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2016-5483 1 Redhat 2 Enterprise Linux, Rhel Software Collections 2023-11-07 N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-3600. Reason: This candidate is a reservation duplicate of CVE-2017-3600. Notes: All CVE users should reference CVE-2017-3600 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2016-1000023 1 Redhat 2 Openshift, Rhel Software Collections 2023-11-07 N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10540. Reason: This candidate is a reservation duplicate of CVE-2016-10540. Notes: All CVE users should reference CVE-2016-10540 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2013-1752 1 Redhat 2 Enterprise Linux, Rhel Software Collections 2023-11-07 N/A
Various versions of Python do not properly restrict readline calls, which allows remote attackers to cause a denial of service (memory consumption) via a long string, related to (1) httplib - fixed in 2.7.4, 2.6.9, and 3.3.3; (2) ftplib - fixed in 2.7.6, 2.6.9, 3.3.3; (3) imaplib - not yet fixed in 2.7.x, fixed in 2.6.9, 3.3.3; (4) nntplib - fixed in 2.7.6, 2.6.9, 3.3.3; (5) poplib - not yet fixed in 2.7.x, fixed in 2.6.9, 3.3.3; and (6) smtplib - not yet fixed in 2.7.x, fixed in 2.6.9, not yet fixed in 3.3.x. NOTE: this was REJECTed because it is incompatible with CNT1 "Independently Fixable" in the CVE Counting Decisions