Vulnerabilities > Redhat > Enterprise Linux > Low

DATE CVE VULNERABILITY TITLE RISK
2010-05-12 CVE-2010-0730 Improper Input Validation vulnerability in Redhat Enterprise Linux and Enterprise Linux Desktop
The MMIO instruction decoder in the Xen hypervisor in the Linux kernel 2.6.18 in Red Hat Enterprise Linux (RHEL) 5 allows guest OS users to cause a denial of service (32-bit guest OS crash) via vectors that trigger an unspecified instruction emulation.
Risk: 2.6; network, high complexity; redhat linux CWE-20
2008-08-18 CVE-2008-3270 Cryptographic Issues vulnerability in Redhat Enterprise Linux 5.0
yum-rhn-plugin in Red Hat Enterprise Linux (RHEL) 5 does not verify the SSL certificate for a file download from a Red Hat Network (RHN) server, which makes it easier for remote man-in-the-middle attackers to cause a denial of service (loss of updates) or force the download and installation of official Red Hat packages that were not requested.
Risk: 2.6; network, high complexity; redhat CWE-310
2008-05-23 CVE-2007-5496 Cross-Site Scripting vulnerability in Selinux Setroubleshoot 2.0.5
Cross-site scripting (XSS) vulnerability in setroubleshoot 2.0.5 allows local users to inject arbitrary web script or HTML via a crafted (1) file or (2) process name, which triggers an Access Vector Cache (AVC) log entry in a log file used during composition of HTML documents for sealert.
Risk: 1.9
2008-05-14 CVE-2008-1943 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xensource XEN
Buffer overflow in the backend of XenSource Xen Para Virtualized Frame Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted description of a shared framebuffer.
Risk: 2.1; local, low complexity; redhat xensource CWE-119
2007-11-10 CVE-2007-4570 Improper Input Validation vulnerability in Redhat Mcstrans 0.2.3
Algorithmic complexity vulnerability in the MCS translation daemon in mcstrans 0.2.3 allows local users to cause a denial of service (temporary daemon outage) via a large range of compartments in sensitivity labels.
Risk: 1.9; local; redhat CWE-20
2007-11-08 CVE-2007-4129 Link Following vulnerability in Fedoraproject Coolkey 1.1.0
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory.
Risk: 3.3
2007-09-18 CVE-2007-0004 Permissions, Privileges, and Access Controls vulnerability in Redhat Enterprise Linux 3.0
The NFS client implementation in the kernel in Red Hat Enterprise Linux (RHEL) 3, when a filesystem is mounted with the noacl option, checks permissions for the open system call via vfs_permission (mode bits) data rather than an NFS ACCESS call to the server, which allows local client processes to obtain a false success status from open calls that the server would deny, and possibly obtain sensitive information about file permissions on the server, as demonstrated in a root_squash environment.
Risk: 1.9; local; redhat CWE-264
2007-09-17 CVE-2007-3379 Denial-Of-Service vulnerability in Enterprise Linux for SAP
Unspecified vulnerability in the kernel in Red Hat Enterprise Linux (RHEL) 4 on the x86_64 platform allows local users to cause a denial of service (OOPS) via unspecified vectors related to the get_gate_vma function and the fuser command.
Risk: 2.1; local, low complexity; redhat
2007-09-05 CVE-2007-3849 Permissions, Privileges, and Access Controls vulnerability in Redhat Enterprise Linux 5.0
Red Hat Enterprise Linux (RHEL) 5 ships the rpm for the Advanced Intrusion Detection Environment (AIDE) before 0.13.1 with a database that lacks checksum information, which allows context-dependent attackers to bypass file integrity checks and modify certain files.
Risk: 1.9; local; redhat CWE-264
2007-08-27 CVE-2007-2797 Unspecified vulnerability in Xterm 1927.El4/2083.1
xterm, including 192-7.el4 in Red Hat Enterprise Linux and 208-3.1 in Debian GNU/Linux, sets the wrong group ownership of tty devices, which allows local users to write data to other users' terminals.
Risk: 2.1; local, low complexity; redhat xterm debian