Redhat: >> Enterprise Linux >> 6.0 Security Vulnerabilities
Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks.
CVSS Score
7.1
EPSS Score
0.001
Published
2019-11-26
Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink executable crash, or, potentially arbitrary code execution with the privileges of the user running the hardlink executable.
CVSS Score
8.8
EPSS Score
0.031
Published
2019-11-26
libuser has information disclosure when moving user's home directory
CVSS Score
5.5
EPSS Score
0.001
Published
2019-11-25
quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal
CVSS Score
6.5
EPSS Score
0.003
Published
2019-11-25
libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees.
CVSS Score
6.3
EPSS Score
0.001
Published
2019-11-25
A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-11-25
A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the application.
CVSS Score
7.5
EPSS Score
0.01
Published
2019-11-25
PyXML: Hash table collisions CPU usage Denial of Service
CVSS Score
7.5
EPSS Score
0.005
Published
2019-11-22
redhat-upgrade-tool: Does not check GPG signatures when upgrading versions
CVSS Score
9.8
EPSS Score
0.003
Published
2019-11-22
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information.
CVSS Score
7.5
EPSS Score
0.016
Published
2019-11-20