Shodan
Vulnerabilities
Vulnerable Software
Redhat:  >> Enterprise Linux  >> 6.0  Security Vulnerabilities
CVE-2011-3631
Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in the calculation of the required memory space to be used. A remote attacker could provide a specially-crafted directory tree and trick the local user into consolidating it, leading to hardlink executable crash or potentially arbitrary code execution with user privileges.
CVSS Score
8.8
EPSS Score
0.042
Published
2019-11-26
CVE-2011-3632
Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks.
CVSS Score
7.1
EPSS Score
0.001
Published
2019-11-26
CVE-2011-3630
Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink executable crash, or, potentially arbitrary code execution with the privileges of the user running the hardlink executable.
CVSS Score
8.8
EPSS Score
0.031
Published
2019-11-26
CVE-2012-5644
libuser has information disclosure when moving user's home directory
CVSS Score
5.5
EPSS Score
0.001
Published
2019-11-25
CVE-2012-5521
quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal
CVSS Score
6.5
EPSS Score
0.003
Published
2019-11-25
CVE-2012-5630
libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees.
CVSS Score
6.3
EPSS Score
0.001
Published
2019-11-25
CVE-2019-14815
A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-11-25
CVE-2019-10174
A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the application.
CVSS Score
7.5
EPSS Score
0.011
Published
2019-11-25
CVE-2012-0877
PyXML: Hash table collisions CPU usage Denial of Service
CVSS Score
7.5
EPSS Score
0.005
Published
2019-11-22
CVE-2014-3585
redhat-upgrade-tool: Does not check GPG signatures when upgrading versions
CVSS Score
9.8
EPSS Score
0.003
Published
2019-11-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved