Vulnerabilities > Redhat > Enterprise Linux > 5.0

DATE CVE VULNERABILITY TITLE RISK
2019-11-22 CVE-2012-0877 Resource Exhaustion vulnerability in multiple products
PyXML: Hash table collisions CPU usage Denial of Service
network
low complexity
python redhat CWE-400
7.5
7.5
2019-11-19 CVE-2011-4967 Improper Input Validation vulnerability in multiple products
tog-Pegasus has a package hash collision DoS vulnerability
network
low complexity
openpegasus redhat CWE-20
7.5
7.5
2019-11-15 CVE-2011-2726 Incorrect Authorization vulnerability in multiple products
An access bypass issue was found in Drupal 7.x before version 7.5.
network
low complexity
drupal debian redhat fedoraproject CWE-863
7.5
7.5
2019-11-15 CVE-2016-5285 NULL Pointer Dereference vulnerability in multiple products
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.
network
low complexity
mozilla debian redhat suse avaya CWE-476
7.5
7.5
2019-11-14 CVE-2011-1145 Classic Buffer Overflow vulnerability in multiple products
The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.
local
low complexity
unixodbc debian opensuse redhat CWE-120
7.8
7.8
2019-11-13 CVE-2010-4657 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2.
network
low complexity
php redhat debian CWE-772
7.5
7.5
2019-11-12 CVE-2011-2897 Improper Input Validation vulnerability in multiple products
gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw
network
low complexity
gnome redhat debian CWE-20
critical
 9.8
9.8
2019-11-05 CVE-2016-4983 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files.
local
low complexity
dovecot opensuse redhat CWE-732
3.3
3.3
2019-11-04 CVE-2015-8980 Improper Input Validation vulnerability in multiple products
The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code.
network
low complexity
php-gettext-project opensuse redhat fedoraproject CWE-20
critical
 9.8
9.8
2019-11-01 CVE-2013-3718 Improper Input Validation vulnerability in multiple products
evince is missing a check on number of pages which can lead to a segmentation fault
local
low complexity
gnome debian redhat opensuse CWE-20
5.5
5.5