|
250571
|
5.3 |
MEDIUM
Network
|
rpm-ostree
redhat
|
rpm-ostree
rpm-ostree-client
enterprise_linux
|
It was discovered that rpm-ostree and rpm-ostree-client before 2017.3 fail to properly check GPG signatures on packages when doing layering. Packages with unsigned or badly signed content could fail …
|
CWE-295
Improper Certificate Validation
|
CVE-2017-2623
|
2024-11-21 12:23 |
2018-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250572
|
5.5 |
MEDIUM
Local
|
redhat
openstack
|
openstack
heat
|
An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. A malicious system user …
|
-
|
CVE-2017-2621
|
2024-11-21 12:23 |
2018-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250573
|
6.3 |
MEDIUM
Local
|
redhat
|
enterprise_virtualization
|
When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. This would allow access to an attacker with…
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2017-2614
|
2024-11-21 12:23 |
2018-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250574
|
8.1 |
HIGH
Network
|
freeipa
redhat
|
freeipa
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_eus
|
A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthoriz…
|
CWE-275
Permission Issues
|
CVE-2017-2590
|
2024-11-21 12:23 |
2018-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250575
|
5.5 |
MEDIUM
Local
|
netpbm_project
|
netpbm
|
A memory allocation vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2017-2587
|
2024-11-21 12:23 |
2018-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250576
|
5.5 |
MEDIUM
Local
|
netpbm_project
|
netpbm
|
A null pointer dereference vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-2586
|
2024-11-21 12:23 |
2018-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250577
|
7.8 |
HIGH
Local
|
netpbm_project
|
netpbm
|
An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.
|
CWE-787
Out-of-bounds Write
|
CVE-2017-2581
|
2024-11-21 12:23 |
2018-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250578
|
7.8 |
HIGH
Local
|
netpbm_project
|
netpbm
|
An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.
|
CWE-787
Out-of-bounds Write
|
CVE-2017-2580
|
2024-11-21 12:23 |
2018-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250579
|
7.8 |
HIGH
Local
|
netpbm_project
|
netpbm
|
An out-of-bounds read vulnerability was found in netpbm before 10.61. The expandCodeOntoStack() function has an insufficient code value check, so that a maliciously crafted file could cause the appli…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-2579
|
2024-11-21 12:23 |
2018-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250580
|
7.5 |
HIGH
Network
|
redhat
debian
|
undertow
debian_linux
jboss_enterprise_application_platform
|
It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-2670
|
2024-11-21 12:23 |
2018-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
