|
248831
|
5.5 |
MEDIUM
Local
|
x.org
redhat
|
libxdmcp
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_eus
|
It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available fro…
|
-
|
CVE-2017-2625
|
2024-11-21 12:23 |
2018-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248832
|
7.0 |
HIGH
Local
|
x.org
debian
|
xorg-server
debian_linux
|
It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xo…
|
CWE-200
Information Exposure
|
CVE-2017-2624
|
2024-11-21 12:23 |
2018-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248833
|
5.3 |
MEDIUM
Network
|
rpm-ostree
redhat
|
rpm-ostree
rpm-ostree-client
enterprise_linux
|
It was discovered that rpm-ostree and rpm-ostree-client before 2017.3 fail to properly check GPG signatures on packages when doing layering. Packages with unsigned or badly signed content could fail …
|
CWE-295
Improper Certificate Validation
|
CVE-2017-2623
|
2024-11-21 12:23 |
2018-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248834
|
5.5 |
MEDIUM
Local
|
redhat
openstack
|
openstack
heat
|
An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. A malicious system user …
|
-
|
CVE-2017-2621
|
2024-11-21 12:23 |
2018-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248835
|
6.3 |
MEDIUM
Local
|
redhat
|
enterprise_virtualization
|
When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. This would allow access to an attacker with…
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2017-2614
|
2024-11-21 12:23 |
2018-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248836
|
8.1 |
HIGH
Network
|
freeipa
redhat
|
freeipa
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_eus
|
A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthoriz…
|
CWE-275
Permission Issues
|
CVE-2017-2590
|
2024-11-21 12:23 |
2018-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248837
|
5.5 |
MEDIUM
Local
|
netpbm_project
|
netpbm
|
A memory allocation vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2017-2587
|
2024-11-21 12:23 |
2018-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248838
|
5.5 |
MEDIUM
Local
|
netpbm_project
|
netpbm
|
A null pointer dereference vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-2586
|
2024-11-21 12:23 |
2018-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248839
|
7.8 |
HIGH
Local
|
netpbm_project
|
netpbm
|
An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.
|
CWE-787
Out-of-bounds Write
|
CVE-2017-2581
|
2024-11-21 12:23 |
2018-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248840
|
7.8 |
HIGH
Local
|
netpbm_project
|
netpbm
|
An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.
|
CWE-787
Out-of-bounds Write
|
CVE-2017-2580
|
2024-11-21 12:23 |
2018-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
