Filtered by vendor Redhat
Subscriptions
Total
22096 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-4209 | 1 Redhat | 1 Automatic Bug Reporting Tool | 2024-11-21 | N/A |
| Automatic Bug Reporting Tool (ABRT) before 2.1.6 allows local users to obtain sensitive information about arbitrary files via vectors related to sha1sums. | ||||
| CVE-2013-4201 | 2 Katello, Redhat | 2 Katello, Satellite | 2024-11-21 | N/A |
| Katello allows remote authenticated users to call the "system remove_deletion" CLI command via vectors related to "remove system" permissions. | ||||
| CVE-2013-4166 | 2 Gnome, Redhat | 6 Evolution, Evolution Data Server, Enterprise Linux and 3 more | 2024-11-21 | 7.5 High |
| The gpg_ctx_add_recipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earlier does not properly select the GPG key to use for email encryption, which might cause the email to be encrypted with the wrong key and allow remote attackers to obtain sensitive information. | ||||
| CVE-2013-3718 | 4 Debian, Gnome, Opensuse and 1 more | 4 Debian Linux, Evince, Opensuse and 1 more | 2024-11-21 | 5.5 Medium |
| evince is missing a check on number of pages which can lead to a segmentation fault | ||||
| CVE-2013-2255 | 3 Debian, Openstack, Redhat | 4 Debian Linux, Compute, Keystone and 1 more | 2024-11-21 | 5.9 Medium |
| HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates. | ||||
| CVE-2013-2233 | 1 Redhat | 1 Ansible | 2024-11-21 | N/A |
| Ansible before 1.2.1 makes it easier for remote attackers to conduct man-in-the-middle attacks by leveraging failure to cache SSH host keys. | ||||
| CVE-2013-2167 | 3 Debian, Openstack, Redhat | 3 Debian Linux, Python-keystoneclient, Openstack | 2024-11-21 | 9.8 Critical |
| python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass | ||||
| CVE-2013-2166 | 4 Debian, Fedoraproject, Openstack and 1 more | 4 Debian Linux, Fedora, Python-keystoneclient and 1 more | 2024-11-21 | 9.8 Critical |
| python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass | ||||
| CVE-2013-2103 | 1 Redhat | 1 Openshift | 2024-11-21 | 8.1 High |
| OpenShift cartridge allows remote URL retrieval | ||||
| CVE-2013-2101 | 2 Redhat, Theforeman | 2 Satellite, Katello | 2024-11-21 | 5.4 Medium |
| Katello has multiple XSS issues in various entities | ||||
| CVE-2013-2060 | 1 Redhat | 1 Openshift | 2024-11-21 | 9.8 Critical |
| The download_from_url function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart. | ||||
| CVE-2013-2049 | 1 Redhat | 2 Cloudforms Management Engine, Cloudforms Managementengine | 2024-11-21 | N/A |
| Red Hat CloudForms 2 Management Engine (CFME) allows remote attackers to conduct session tampering attacks by leveraging use of a static secret_token.rb secret. | ||||
| CVE-2013-1820 | 2 Fedoraproject, Redhat | 2 Fedora, Tuned | 2024-11-21 | 5.5 Medium |
| tuned before 2.x allows local users to kill running processes due to insecure permissions with tuned's ktune service. | ||||
| CVE-2013-1817 | 4 Debian, Fedoraproject, Mediawiki and 1 more | 4 Debian Linux, Fedora, Mediawiki and 1 more | 2024-11-21 | 7.5 High |
| MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information. | ||||
| CVE-2013-1816 | 4 Debian, Fedoraproject, Mediawiki and 1 more | 4 Debian Linux, Fedora, Mediawiki and 1 more | 2024-11-21 | 7.5 High |
| MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request. | ||||
| CVE-2013-1793 | 1 Redhat | 2 Openstack, Openstack Essex | 2024-11-21 | 7.5 High |
| openstack-utils openstack-db has insecure password creation | ||||
| CVE-2013-1753 | 2 Python, Redhat | 3 Python, Enterprise Linux, Rhel Software Collections | 2024-11-21 | 7.5 High |
| The gzip_decode function in the xmlrpc client library in Python 3.4 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP request. | ||||
| CVE-2013-0264 | 1 Redhat | 1 Mrg Management Console | 2024-11-21 | 7.5 High |
| An import error was introduced in Cumin in the code refactoring in r5310. Server certificate validation is always disabled when connecting to Aviary servers, even if the installed packages on a system support it. | ||||
| CVE-2013-0196 | 1 Redhat | 2 Enterprise Linux, Openshift | 2024-11-21 | 6.5 Medium |
| A CSRF issue was found in OpenShift Enterprise 1.2. The web console is using 'Basic authentication' and the REST API has no CSRF attack protection mechanism. This can allow an attacker to obtain the credential and the Authorization: header when requesting the REST API via web browser. | ||||
| CVE-2013-0186 | 1 Redhat | 3 Cloudforms, Cloudforms Managementengine, Manageiq Enterprise Virtualization Manager | 2024-11-21 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in ManageIQ EVM allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||