Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2015-4035

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-25 Jul, 2017 | 18:00
Updated At-06 Aug, 2024 | 06:04
Rejected At-
Credits

scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not properly process file names containing semicolons, which allows remote attackers to execute arbitrary code by having a user run xzgrep on a crafted file name.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:25 Jul, 2017 | 18:00
Updated At:06 Aug, 2024 | 06:04
Rejected At:
▼CVE Numbering Authority (CNA)

scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not properly process file names containing semicolons, which allows remote attackers to execute arbitrary code by having a user run xzgrep on a crafted file name.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://seclists.org/oss-sec/2015/q2/484
mailing-list
x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=1223341
x_refsource_CONFIRM
https://git.tukaani.org/?p=xz.git%3Ba=commitdiff%3Bh=f4b2b52624b802c786e4e2a8eb6895794dd93b24
x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2015/05/19/13
mailing-list
x_refsource_MLIST
Hyperlink: http://seclists.org/oss-sec/2015/q2/484
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1223341
Resource:
x_refsource_CONFIRM
Hyperlink: https://git.tukaani.org/?p=xz.git%3Ba=commitdiff%3Bh=f4b2b52624b802c786e4e2a8eb6895794dd93b24
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.openwall.com/lists/oss-security/2015/05/19/13
Resource:
mailing-list
x_refsource_MLIST
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://seclists.org/oss-sec/2015/q2/484
mailing-list
x_refsource_MLIST
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1223341
x_refsource_CONFIRM
x_transferred
https://git.tukaani.org/?p=xz.git%3Ba=commitdiff%3Bh=f4b2b52624b802c786e4e2a8eb6895794dd93b24
x_refsource_CONFIRM
x_transferred
http://www.openwall.com/lists/oss-security/2015/05/19/13
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://seclists.org/oss-sec/2015/q2/484
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1223341
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://git.tukaani.org/?p=xz.git%3Ba=commitdiff%3Bh=f4b2b52624b802c786e4e2a8eb6895794dd93b24
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2015/05/19/13
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:25 Jul, 2017 | 18:29
Updated At:13 May, 2026 | 00:24

scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not properly process file names containing semicolons, which allows remote attackers to execute arbitrary code by having a user run xzgrep on a crafted file name.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.8HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.0
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches

tukaani
tukaani
>>xz>>Versions up to 4.999.9(inclusive)
cpe:2.3:a:tukaani:xz:*:beta:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux>>5.0
cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux>>6.0
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://seclists.org/oss-sec/2015/q2/484cve@mitre.org
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2015/05/19/13cve@mitre.org
Mailing List
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1223341cve@mitre.org
Issue Tracking
Vendor Advisory
https://git.tukaani.org/?p=xz.git%3Ba=commitdiff%3Bh=f4b2b52624b802c786e4e2a8eb6895794dd93b24cve@mitre.org
N/A
http://seclists.org/oss-sec/2015/q2/484af854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2015/05/19/13af854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1223341af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Vendor Advisory
https://git.tukaani.org/?p=xz.git%3Ba=commitdiff%3Bh=f4b2b52624b802c786e4e2a8eb6895794dd93b24af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://seclists.org/oss-sec/2015/q2/484
Source: cve@mitre.org
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2015/05/19/13
Source: cve@mitre.org
Resource:
Mailing List
Third Party Advisory
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1223341
Source: cve@mitre.org
Resource:
Issue Tracking
Vendor Advisory
Hyperlink: https://git.tukaani.org/?p=xz.git%3Ba=commitdiff%3Bh=f4b2b52624b802c786e4e2a8eb6895794dd93b24
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://seclists.org/oss-sec/2015/q2/484
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2015/05/19/13
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1223341
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Vendor Advisory
Hyperlink: https://git.tukaani.org/?p=xz.git%3Ba=commitdiff%3Bh=f4b2b52624b802c786e4e2a8eb6895794dd93b24
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1000Records found

CVE-2022-1055
Matching Score-8
Assigner-Google LLC
ShareView Details
Matching Score-8
Assigner-Google LLC
CVSS Score-8.6||HIGH
EPSS-0.50% / 39.13%
||
7 Day CHG-0.00%
Published-29 Mar, 2022 | 15:05
Updated-02 Aug, 2024 | 23:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use after Free in tc_new_tfilter allowing for privilege escalation in Linux Kernel

A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5

Action-Not Available
Vendor-Fedora ProjectCanonical Ltd.Red Hat, Inc.NetApp, Inc.Linux Kernel Organization, Inc
Product-ubuntu_linuxh300eh500senterprise_linuxh300s_firmwareh410c_firmwareh410sh300sh300e_firmwarelinux_kernelh500eh410s_firmwarefedorah500s_firmwareh500e_firmwareh700s_firmwareh700eh410ch700e_firmwareh700sKernellinux_kernel
CWE ID-CWE-416
Use After Free
CVE-2018-16877
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-0.40% / 32.33%
||
7 Day CHG~0.00%
Published-18 Apr, 2019 | 00:00
Updated-05 Aug, 2024 | 10:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.

Action-Not Available
Vendor-clusterlabsClusterLabsDebian GNU/LinuxRed Hat, Inc.Canonical Ltd.openSUSEFedora Project
Product-ubuntu_linuxpacemakerdebian_linuxenterprise_linux_server_ausfedoraenterprise_linuxenterprise_linux_eusenterprise_linux_server_tusleappacemaker
CWE ID-CWE-287
Improper Authentication
CVE-2005-0078
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.38% / 29.83%
||
7 Day CHG~0.00%
Published-29 Jan, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session.

Action-Not Available
Vendor-n/aDebian GNU/LinuxRed Hat, Inc.KDE
Product-debian_linuxkdelinux_advanced_workstationenterprise_linux_desktopenterprise_linuxn/a
CVE-2018-16837
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.35% / 27.41%
||
7 Day CHG~0.00%
Published-23 Oct, 2018 | 15:00
Updated-05 Aug, 2024 | 10:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.

Action-Not Available
Vendor-[UNKNOWN]Red Hat, Inc.Debian GNU/LinuxSUSE
Product-debian_linuxlinux_enterprisepackage_hubansible_engineansible_towerAnsible
CWE ID-CWE-214
Invocation of Process Using Visible Sensitive Information
CWE ID-CWE-311
Missing Encryption of Sensitive Data
CVE-2018-16864
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.4||HIGH
EPSS-0.72% / 49.30%
||
7 Day CHG~0.00%
Published-11 Jan, 2019 | 20:00
Updated-09 Jun, 2025 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable.

Action-Not Available
Vendor-systemd_projectThe systemd ProjectOracle CorporationDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationsystemdenterprise_linux_server_tuscommunications_session_border_controllerenterprise_linux_desktopenterprise_communications_brokersystemd
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2005-0087
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.45% / 36.31%
||
7 Day CHG~0.00%
Published-15 Feb, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The alsa-lib package in Red Hat Linux 4 disables stack protection for the libasound.so library, which makes it easier for attackers to execute arbitrary code if there are other vulnerabilities in the library.

Action-Not Available
Vendor-alsa-projectn/aRed Hat, Inc.
Product-enterprise_linuxalsa-libn/a
CVE-2018-16865
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-2.96% / 85.52%
||
7 Day CHG~0.00%
Published-11 Jan, 2019 | 21:00
Updated-09 Jun, 2025 | 15:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable.

Action-Not Available
Vendor-systemd_projectThe systemd ProjectOracle CorporationDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationsystemdenterprise_linux_server_tuscommunications_session_border_controllerenterprise_linux_desktopenterprise_communications_brokersystemd
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2004-1184
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-1.18% / 63.94%
||
7 Day CHG~0.00%
Published-29 Jan, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.GNURed Hat, Inc.SUSE
Product-enscriptsuse_linuxpropackfedora_coren/a
CVE-2018-14634
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-14.81% / 96.28%
||
7 Day CHG~0.00%
Published-25 Sep, 2018 | 21:00
Updated-27 Jan, 2026 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2026-02-16||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.

Action-Not Available
Vendor-F5, Inc.Palo Alto Networks, Inc.NetApp, Inc.Red Hat, Inc.Canonical Ltd.The Linux FoundationLinux Kernel Organization, Inc
Product-big-ip_advanced_firewall_managerenterprise_linux_desktopbig-iq_centralized_managementbig-ip_policy_enforcement_managertraffix_signaling_delivery_controllerpan-osbig-ip_application_acceleration_managerenterprise_linux_server_eusbig-iq_cloud_and_orchestrationbig-ip_local_traffic_managerbig-ip_webacceleratorbig-ip_analyticsbig-ip_link_controlleriworkflowbig-ip_access_policy_managerenterprise_linux_workstationenterprise_linux_server_aussnapprotectenterprise_managerubuntu_linuxbig-ip_edge_gatewaylinux_kernelbig-ip_domain_name_systembig-ip_fraud_protection_servicebig-ip_application_security_managerenterprise_linux_server_tusenterprise_linux_serverbig-ip_global_traffic_managerkernelKernel
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2004-0905
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-3.05% / 85.94%
||
7 Day CHG~0.00%
Published-24 Sep, 2004 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.

Action-Not Available
Vendor-conectivan/aNetscape (Yahoo Inc.)Red Hat, Inc.Mozilla CorporationSUSE
Product-linuxlinux_advanced_workstationsuse_linuxmozillafedora_coreenterprise_linux_desktopnavigatorfirefoxenterprise_linuxn/a
CVE-2004-0643
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-1.43% / 69.68%
||
7 Day CHG~0.00%
Published-10 Sep, 2004 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.

Action-Not Available
Vendor-n/aDebian GNU/LinuxRed Hat, Inc.MIT (Massachusetts Institute of Technology)
Product-debian_linuxenterprise_linux_desktopenterprise_linux_workstationenterprise_linux_serverkerberos_5n/a
CWE ID-CWE-415
Double Free
CVE-2021-4207
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.2||HIGH
EPSS-0.40% / 31.82%
||
7 Day CHG~0.00%
Published-29 Apr, 2022 | 16:07
Updated-21 Mar, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use this flaw to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process.

Action-Not Available
Vendor-n/aRed Hat, Inc.Debian GNU/LinuxQEMU
Product-debian_linuxqemuenterprise_linuxQEMU
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-4206
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.2||HIGH
EPSS-0.83% / 53.21%
||
7 Day CHG~0.00%
Published-29 Apr, 2022 | 16:19
Updated-21 Mar, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process.

Action-Not Available
Vendor-n/aRed Hat, Inc.Debian GNU/LinuxQEMU
Product-debian_linuxqemuenterprise_linuxQEMU
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CVE-2018-13405
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.01% / 58.86%
||
7 Day CHG-0.01%
Published-06 Jul, 2018 | 14:00
Updated-05 Aug, 2024 | 09:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID.

Action-Not Available
Vendor-n/aFedora ProjectCanonical Ltd.Red Hat, Inc.Linux Kernel Organization, IncDebian GNU/LinuxF5, Inc.
Product-enterprise_linux_serverubuntu_linuxbig-ip_webacceleratorvirtualizationbig-ip_application_acceleration_managerbig-ip_advanced_firewall_managerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_serviceenterprise_linux_server_ausenterprise_linux_ausbig-ip_global_traffic_managerbig-ip_local_traffic_managerbig-ip_analyticsbig-ip_domain_name_systembig-ip_application_security_managerbig-ip_edge_gatewaydebian_linuxlinux_kernelbig-ip_link_controllermrg_realtimeenterprise_linux_workstationfedoraenterprise_linux_eusbig-ip_access_policy_managerenterprise_linux_server_tusenterprise_linux_desktopenterprise_linux_for_real_timen/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-3717
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.30% / 21.63%
||
7 Day CHG~0.00%
Published-24 May, 2022 | 18:18
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in Wildfly. An incorrect JBOSS_LOCAL_USER challenge location when using the elytron configuration may lead to JBOSS_LOCAL_USER access to all users on the machine. The highest threat from this vulnerability is to confidentiality, integrity, and availability. This flaw affects wildfly-core versions prior to 17.0.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-jboss_enterprise_application_platformsingle_sign-onenterprise_linuxwildfly_corewildfly
CWE ID-CWE-552
Files or Directories Accessible to External Parties
CVE-2003-0857
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.29% / 20.65%
||
7 Day CHG~0.00%
Published-20 Nov, 2007 | 23:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The (1) ipq_read and (2) ipulog_read functions in iptables allow local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-enterprise_linuxn/a
CVE-2018-12379
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.8||HIGH
EPSS-0.39% / 31.25%
||
7 Day CHG~0.00%
Published-18 Oct, 2018 | 13:00
Updated-25 Nov, 2025 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system with the malicious MAR file in order to occur. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.

Action-Not Available
Vendor-Mozilla CorporationDebian GNU/LinuxRed Hat, Inc.
Product-thunderbirdenterprise_linux_server_tusfirefoxenterprise_linux_desktopenterprise_linux_server_eusenterprise_linux_serverdebian_linuxenterprise_linux_workstationenterprise_linux_server_ausFirefoxFirefox ESRThunderbird
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-11781
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.8||HIGH
EPSS-0.98% / 58.03%
||
7 Day CHG~0.00%
Published-17 Sep, 2018 | 14:00
Updated-16 Sep, 2024 | 18:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax.

Action-Not Available
Vendor-Canonical Ltd.The Apache Software FoundationRed Hat, Inc.Debian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxdebian_linuxspamassassinenterprise_linux_server_eusenterprise_linux_workstationenterprise_linux_desktopApache SpamAssassin
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2018-1083
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.63% / 45.67%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 13:00
Updated-16 Sep, 2024 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mentioned path. If the user affected is privileged, this leads to privilege escalation.

Action-Not Available
Vendor-zshzshCanonical Ltd.Red Hat, Inc.Debian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxdebian_linuxenterprise_linux_workstationzshenterprise_linux_desktopzsh
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-10879
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.2||MEDIUM
EPSS-0.86% / 54.09%
||
7 Day CHG~0.00%
Published-26 Jul, 2018 | 18:00
Updated-05 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.

Action-Not Available
Vendor-[UNKNOWN]Linux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlinux_kernelenterprise_linux_workstationenterprise_linuxenterprise_linux_desktopkernel
CWE ID-CWE-416
Use After Free
CVE-2018-10905
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.47% / 37.56%
||
7 Day CHG~0.00%
Published-24 Jul, 2018 | 13:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CloudForms Management Engine (cfme) is vulnerable to an improper security setting in the dRuby component of CloudForms. An attacker with access to an unprivileged local shell could use this flaw to execute commands as a high privileged user.

Action-Not Available
Vendor-[UNKNOWN]Red Hat, Inc.
Product-cloudforms_management_enginecloudformscfme
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-1113
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.8||MEDIUM
EPSS-0.32% / 23.28%
||
7 Day CHG~0.00%
Published-02 Jul, 2018 | 18:00
Updated-05 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

setup before version 2.11.4-1.fc28 in Fedora and Red Hat Enterprise Linux added /sbin/nologin and /usr/sbin/nologin to /etc/shells. This violates security assumptions made by pam_shells and some daemons which allow access based on a user's shell being listed in /etc/shells. Under some circumstances, users which had their shell changed to /sbin/nologin could still access the system.

Action-Not Available
Vendor-[UNKNOWN]Red Hat, Inc.Fedora Project
Product-enterprise_linux_serverenterprise_linux_workstationsetupfedoraenterprise_linuxenterprise_linux_desktopsetup
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-1124
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.3||HIGH
EPSS-1.83% / 76.31%
||
7 Day CHG~0.00%
Published-23 May, 2018 | 13:00
Updated-18 Dec, 2025 | 11:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.

Action-Not Available
Vendor-procps-ng_project[UNKNOWN]Debian GNU/LinuxCanonical Ltd.Red Hat, Inc.openSUSE
Product-enterprise_linux_serverubuntu_linuxdebian_linuxprocps-ngenterprise_linux_workstationenterprise_linuxenterprise_linux_desktopstruxureware_data_center_expertleapprocps-ng
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-10875
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.59% / 43.79%
||
7 Day CHG~0.00%
Published-13 Jul, 2018 | 22:00
Updated-05 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.

Action-Not Available
Vendor-[UNKNOWN]Red Hat, Inc.SUSEDebian GNU/LinuxCanonical Ltd.
Product-ceph_storageubuntu_linuxvirtualizationdebian_linuxopenshiftopenstackvirtualization_hostsuse_linux_enterprise_serverpackage_hubgluster_storageansible_engineansible
CWE ID-CWE-426
Untrusted Search Path
CVE-2018-1087
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8||HIGH
EPSS-0.77% / 51.21%
||
7 Day CHG~0.00%
Published-15 May, 2018 | 16:00
Updated-05 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest.

Action-Not Available
Vendor-Linux Kernel Organization, IncDebian GNU/LinuxRed Hat, Inc.Canonical Ltd.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlinux_kernelenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationenterprise_linuxenterprise_linux_server_tusenterprise_linux_virtualizationenterprise_linux_desktopKVM
CWE ID-CWE-250
Execution with Unnecessary Privileges
CVE-2018-11237
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.86% / 53.99%
||
7 Day CHG~0.00%
Published-18 May, 2018 | 16:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.

Action-Not Available
Vendor-n/aRed Hat, Inc.GNUNetApp, Inc.Canonical Ltd.Oracle Corporation
Product-enterprise_linux_serverubuntu_linuxelement_software_managemententerprise_linux_workstationvirtualization_hostdata_ontap_edgeglibccommunications_session_border_controllerenterprise_linux_desktopenterprise_communications_brokern/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-1000001
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-13.61% / 96.01%
||
7 Day CHG~0.00%
Published-31 Jan, 2018 | 14:00
Updated-05 Aug, 2024 | 12:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.

Action-Not Available
Vendor-n/aRed Hat, Inc.Canonical Ltd.GNU
Product-enterprise_linux_serverubuntu_linuxenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationvirtualization_hostglibcenterprise_linux_server_tusenterprise_linux_desktopn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2004-0107
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.39% / 31.13%
||
7 Day CHG~0.00%
Published-16 Mar, 2004 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108.

Action-Not Available
Vendor-sysstatn/aSilicon Graphics, Inc.Red Hat, Inc.
Product-sysstatpropackn/a
CVE-2003-0539
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.36% / 27.79%
||
7 Day CHG~0.00%
Published-10 Jul, 2003 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

skk (Simple Kana to Kanji conversion program) 12.1 and earlier, and the ddskk package which is based on skk, creates temporary files insecurely, which allows local users to overwrite arbitrary files.

Action-Not Available
Vendor-ddskkskkn/aRed Hat, Inc.
Product-ddskkddskk-xemacsdaredevil_skkskkn/a
CVE-2018-1000876
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.66% / 46.90%
||
7 Day CHG+0.01%
Published-20 Dec, 2018 | 17:00
Updated-05 Aug, 2024 | 12:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.

Action-Not Available
Vendor-n/aRed Hat, Inc.Canonical Ltd.GNU
Product-enterprise_linux_serverubuntu_linuxenterprise_linux_workstationenterprise_linux_desktopbinutilsn/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2017-7980
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.62% / 45.59%
||
7 Day CHG~0.00%
Published-25 Jul, 2017 | 14:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation.

Action-Not Available
Vendor-n/aCanonical Ltd.QEMURed Hat, Inc.Debian GNU/Linux
Product-debian_linuxubuntu_linuxenterprise_linux_serverqemuenterprise_linux_workstationenterprise_linux_server_tusenterprise_linux_desktopenterprise_linux_server_eusenterprise_linux_server_ausopenstackvirtualizationenterprise_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2001-0496
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.39% / 31.06%
||
7 Day CHG~0.00%
Published-24 May, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges.

Action-Not Available
Vendor-n/aMandriva (Mandrakesoft)Red Hat, Inc.
Product-mandrake_linuxlinuxn/a
CVE-2021-3411
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.40% / 32.21%
||
7 Day CHG~0.00%
Published-09 Mar, 2021 | 19:08
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel in versions prior to 5.10. A violation of memory access was found while detecting a padding of int3 in the linking state. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linuxlinux_kernelLinux kernel
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2003-0194
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.37% / 29.05%
||
7 Day CHG~0.00%
Published-17 May, 2003 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

tcpdump does not properly drop privileges to the pcap user when starting up.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-tcpdumplinuxn/a
CVE-2017-3636
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.3||MEDIUM
EPSS-0.44% / 35.14%
||
7 Day CHG~0.00%
Published-08 Aug, 2017 | 15:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).

Action-Not Available
Vendor-MariaDB FoundationOracle CorporationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxenterprise_linux_serverenterprise_linux_workstationmariadbmysqlenterprise_linux_desktopenterprise_linux_server_tusenterprise_linux_server_eusenterprise_linux_server_ausopenstackMySQL Server
CVE-2017-2663
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.2||HIGH
EPSS-0.36% / 28.56%
||
7 Day CHG~0.00%
Published-27 Jul, 2018 | 20:00
Updated-05 Aug, 2024 | 14:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

It was found that subscription-manager's DBus interface before 1.19.4 let unprivileged user access the com.redhat.RHSM1.Facts.GetFacts and com.redhat.RHSM1.Config.Set methods. An unprivileged local attacker could use these methods to gain access to private information, or launch a privilege escalation attack.

Action-Not Available
Vendor-Red Hat, Inc.
Product-subscription-managersubscription-manager
CWE ID-CWE-270
Privilege Context Switching Error
CVE-2000-0356
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.40% / 32.18%
||
7 Day CHG~0.00%
Published-12 Jul, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not properly lock access to disabled NIS accounts.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-linuxn/a
CVE-2000-0365
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.38% / 29.82%
||
7 Day CHG~0.00%
Published-24 May, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-linuxn/a
CVE-2000-0364
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.38% / 29.82%
||
7 Day CHG~0.00%
Published-24 May, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of tty devices, which allows local users to write to other ttys.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-linuxn/a
CVE-2014-8168
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.1||MEDIUM
EPSS-0.27% / 19.00%
||
7 Day CHG~0.00%
Published-28 Aug, 2017 | 15:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Red Hat Satellite 6 allows local users to access mongod and delete pulp_database.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-satelliten/a
CWE ID-CWE-284
Improper Access Control
CVE-2000-0604
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.49% / 38.40%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

gkermit in Red Hat Linux is improperly installed with setgid uucp, which allows local users to modify files owned by uucp.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-linuxn/a
CVE-1999-1330
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.40% / 31.48%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf.

Action-Not Available
Vendor-n/aDebian GNU/LinuxRed Hat, Inc.
Product-debian_linuxlinuxn/a
CVE-1999-1347
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.45% / 36.10%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xsession in Red Hat Linux 6.1 and earlier can allow local users with restricted accounts to bypass execution of the .xsession file by starting kde, gnome or anotherlevel from kdm.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-linuxn/a
CVE-2017-15131
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.32% / 23.95%
||
7 Day CHG~0.00%
Published-09 Jan, 2018 | 21:00
Updated-05 Aug, 2024 | 19:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask policy. This only affects xdg-user-dirs before 0.15.5 as shipped with Red Hat Enterprise Linux.

Action-Not Available
Vendor-freedesktop.orgRed Hat, Inc.
Product-xdg-user-dirsenterprise_linuxRHEL shipped xdg-user-dirs and gnome-session
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-0516
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.33% / 24.57%
||
7 Day CHG~0.00%
Published-08 Mar, 2022 | 14:06
Updated-02 Aug, 2024 | 23:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4.

Action-Not Available
Vendor-n/aFedora ProjectRed Hat, Inc.Linux Kernel Organization, IncNetApp, Inc.Debian GNU/Linux
Product-h300eenterprise_linux_server_update_services_for_sap_solutionsh500senterprise_linux_server_ausenterprise_linuxvirtualization_hosth300s_firmwareh410c_firmwareh410sh300scodeready_linux_builderh300e_firmwaredebian_linuxlinux_kernelh500eh410s_firmwarefedorah500s_firmwareh500e_firmwareh700s_firmwareenterprise_linux_eusenterprise_linux_for_ibm_z_systemsenterprise_linux_for_power_little_endian_eusenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsh700eh410centerprise_linux_server_tush700e_firmwareenterprise_linux_for_power_little_endianenterprise_linux_for_ibm_z_systems_eush700skernel
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-1999-1288
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.46% / 36.67%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program.

Action-Not Available
Vendor-turbolinuxn/aRed Hat, Inc.The MITRE Corporation (Caldera)Samba
Product-linuxsambaopenlinuxturbolinuxn/a
CVE-1999-0433
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.71% / 49.14%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.

Action-Not Available
Vendor-xfree86_projectn/aSlackwareNetBSDRed Hat, Inc.SUSE
Product-x11r6linuxsuse_linuxslackware_linuxnetbsdn/a
CVE-2021-3750
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.2||HIGH
EPSS-0.53% / 40.90%
||
7 Day CHG~0.00%
Published-02 May, 2022 | 18:48
Updated-03 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted content may be written to the controller's registers and trigger undesirable actions (such as reset) while the device is still transferring packets. This can ultimately lead to a use-after-free issue. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition, or potentially execute arbitrary code within the context of the QEMU process on the host. This flaw affects QEMU versions before 7.0.0.

Action-Not Available
Vendor-n/aQEMURed Hat, Inc.
Product-qemuenterprise_linuxQEMU
CWE ID-CWE-416
Use After Free
CVE-2002-0169
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.41% / 32.57%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The default stylesheet for DocBook on Red Hat Linux 6.2 through 7.2 is installed with an insecure option enabled, which could allow users to overwrite files outside of the current directory from an untrusted document by using a full pathname as an element identifier.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-docbook_stylesheetsdocbook_utilsn/a
CVE-1999-1048
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.54% / 41.38%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into that directory.

Action-Not Available
Vendor-n/aDebian GNU/LinuxRed Hat, Inc.
Product-debian_linuxlinuxn/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 19
  • 20
  • Next
Details not found