Redhat: >> Enterprise Linux Server >> 7.0 Security Vulnerabilities
virt-who uses world-readable permissions for /etc/sysconfig/virt-who, which allows local users to obtain password for hypervisors by reading the file.
CVSS Score
2.1
EPSS Score
0.001
Published
2014-05-02
Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.
CVSS Score
2.6
EPSS Score
0.01
Published
2014-04-16
Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.
CVSS Score
2.8
EPSS Score
0.008
Published
2014-04-16
Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR.
CVSS Score
6.5
EPSS Score
0.009
Published
2014-04-16
Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.
CVSS Score
3.5
EPSS Score
0.007
Published
2014-04-16
Unspecified vulnerability in the MySQL Client component in Oracle MySQL 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
CVSS Score
5.1
EPSS Score
0.008
Published
2014-04-16
Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
CVSS Score
4.0
EPSS Score
0.013
Published
2014-04-16
Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.
CVSS Score
3.5
EPSS Score
0.006
Published
2014-04-16
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML.
CVSS Score
4.0
EPSS Score
0.009
Published
2014-04-16
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."
CVSS Score
5.0
EPSS Score
0.761
Published
2014-04-15