Vulnerabilities (CVE)

Vendor filter

Redhat Subscribe

Product filter

Openstack Subscribe

Filter

2756 total CVE
CVE Vendors Products Updated CVSS
CVE-2016-2183 5 Python, Openssl, Cisco and 2 more 8 Content Security Management Appliance, Openssl, Enterprise Linux and 5 more 2019-05-20 5.0
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a...
CVE-2018-17972 4 Canonical, Linux, Redhat and 1 more 10 Ubuntu Linux, Linux Kernel, Enterprise Linux Desktop and 7 more 2019-05-20 4.9
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack...
CVE-2019-1003000 2 Jenkins, Redhat 2 Script Security, Openshift Container Platform 2019-05-17 6.5
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to...
CVE-2018-16476 2 Rubyonrails, Redhat 3 Active Job, Rails, Cloudforms 2019-05-17 5.0
A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This...
CVE-2019-9636 4 Python, Fedoraproject, Redhat and 1 more 10 Python, Fedora, Enterprise Linux Desktop and 7 more 2019-05-17 5.0
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached...
CVE-2019-3900 3 Fedoraproject, Linux, Redhat 3 Fedora, Linux Kernel, Enterprise Linux 2019-05-17 6.8
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A...
CVE-2019-3894 1 Redhat 2 Jboss Enterprise Application Platform, Wildfly 2019-05-17 6.5
It was discovered that the ElytronManagedThread in Wildfly's Elytron subsystem in versions from 11 to 16 stores a SecurityIdentity to run the thread as. These threads do not necessarily terminate if the keep alive time has not expired. This could...
CVE-2019-3805 1 Redhat 2 Jboss Enterprise Application Platform, Wildfly 2019-05-17 4.7
A flaw was discovered in wildfly versions up to 16.0.0.Final that would allow local users who are able to execute init.d script to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in...
CVE-2018-12020 4 Gnupg, Canonical, Debian and 1 more 10 Gnupg, Ubuntu, Ubuntu Linux and 7 more 2019-05-16 5.0
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2"...
CVE-2016-4286 2 Adobe, Redhat 5 Flash Player Desktop Runtime, Flash Player, Enterprise Linux Desktop and 2 more 2019-05-16 9.3
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to bypass intended access restrictions via unspecified vectors.
CVE-2016-7855 2 Adobe, Redhat 4 Flash Player, Enterprise Linux Desktop, Enterprise Linux Server and 1 more 2019-05-16 9.3
Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before 11.2.202.643 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in October 2016.
CVE-2016-7857 2 Adobe, Redhat 5 Flash Player For Linux, Flash Player, Enterprise Linux Desktop and 2 more 2019-05-16 9.3
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7859 2 Adobe, Redhat 5 Flash Player For Linux, Flash Player, Enterprise Linux Desktop and 2 more 2019-05-16 9.3
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2019-2698 2 Oracle, Redhat 3 Jdk, Jre, Openshift Container Platform 2019-05-16 6.8
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2019-2684 3 Oracle, Redhat, Opensuse 4 Jdk, Jre, Openshift Container Platform and 1 more 2019-05-16 4.3
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows...
CVE-2019-2602 3 Oracle, Redhat, Opensuse 4 Jdk, Jre, Openshift Container Platform and 1 more 2019-05-16 5.0
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows...
CVE-2019-2449 3 Oracle, Netapp, Redhat 9 Jdk, Oncommand Unified Manager, Oncommand Workflow Automation and 6 more 2019-05-16 2.6
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). The supported version that is affected is Java SE: 8u192. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2019-2422 6 Oracle, Netapp, Canonical and 3 more 15 Jdk, Jre, Oncommand Unified Manager and 12 more 2019-05-16 4.3
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated...
CVE-2018-12549 2 Eclipse, Redhat 5 Openj9, Enterprise Linux Desktop, Enterprise Linux Server and 2 more 2019-05-16 7.5
In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it.
CVE-2018-12547 1 Redhat 4 Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation and 1 more 2019-05-16 7.5
In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and jio_vsnprintf() native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not...