Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Total 5954 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-5495 2 Redhat, Selinux 3 Enterprise Linux, Enterprise Linux Desktop, Setroubleshoot 2026-06-16 4.4 MEDIUM N/A
sealert in setroubleshoot 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the sealert.log temporary file.
CVE-2007-5494 1 Redhat 1 Enterprise Linux 2026-06-16 4.9 MEDIUM N/A
Memory leak in the Red Hat Content Accelerator kernel patch in Red Hat Enterprise Linux (RHEL) 4 and 5 allows local users to cause a denial of service (memory consumption) via a large number of open requests involving O_ATOMICLOOKUP.
CVE-2007-5365 5 Debian, Openbsd, Redhat and 2 more 7 Debian Linux, Openbsd, Enterprise Linux and 4 more 2026-06-16 7.2 HIGH N/A
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.
CVE-2007-5159 3 Ntfs-3g, Redhat, Ubuntu 3 Ntfs-3g, Fedora, Ubuntu Linux 2026-06-16 4.6 MEDIUM N/A
The ntfs-3g package before 1.913-2.fc7 in Fedora 7, and an ntfs-3g package in Ubuntu 7.10/Gutsy, assign incorrect permissions (setuid root) to mount.ntfs-3g, which allows local users with fuse group membership to read from and write to arbitrary block devices, possibly involving a file descriptor leak.
CVE-2007-5116 6 Debian, Larry Wall, Mandrakesoft and 3 more 10 Debian Linux, Perl, Mandrake Linux and 7 more 2026-06-16 7.5 HIGH N/A
Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.
CVE-2007-5079 1 Redhat 1 Linux 2026-06-16 6.0 MEDIUM N/A
Red Hat Enterprise Linux 4 does not properly compile and link gdm with tcp_wrappers on x86_64 platforms, which might allow remote attackers to bypass intended access restrictions.
CVE-2007-5001 1 Redhat 2 Enterprise Linux, Enterprise Linux Desktop 2026-06-16 4.9 MEDIUM N/A
Linux kernel before 2.4.21 allows local users to cause a denial of service (kernel panic) via asynchronous input or output on a FIFO special file.
CVE-2007-4994 1 Redhat 1 Certificate Server 2026-06-16 7.5 HIGH N/A
Certificate Server 7.2 in Red Hat Certificate System (RHCS) does not properly handle new revocations that occur while a Certificate Revocation List (CRL) is being generated, which might prevent certain revoked certificates from appearing on the CRL quickly and allow users with revoked certificates to bypass the intended CRL.
CVE-2007-4574 3 Amd, Intel, Redhat 3 Amd64, Ia64, Enterprise Linux 2026-06-16 4.7 MEDIUM N/A
Unspecified vulnerability in the "stack unwinder fixes" in kernel in Red Hat Enterprise Linux 5, when running on AMD64 and Intel 64, allows local users to cause a denial of service via unknown vectors.
CVE-2007-4570 1 Redhat 2 Enterprise Linux, Mcstrans 2026-06-16 1.9 LOW N/A
Algorithmic complexity vulnerability in the MCS translation daemon in mcstrans 0.2.3 allows local users to cause a denial of service (temporary daemon outage) via a large range of compartments in sensitivity labels.
CVE-2007-4137 6 Conectiva, Gentoo, Mandrakesoft and 3 more 8 Linux, Linux, Mandrake Linux and 5 more 2026-06-16 7.5 HIGH N/A
Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.
CVE-2007-4136 1 Redhat 1 Conga 2026-06-16 5.0 MEDIUM N/A
The ricci daemon in Red Hat Conga 0.10.0 allows remote attackers to cause a denial of service (loss of new connections) by repeatedly sending data or attempting connections.
CVE-2007-4134 1 Redhat 1 Fedora 2026-06-16 6.8 MEDIUM N/A
Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.
CVE-2007-4132 1 Redhat 1 Network Satelite Server 2026-06-16 6.5 MEDIUM N/A
Unspecified vulnerability in Red Hat Network Satellite Server 5.0.0 allows remote authenticated users to execute arbitrary code via unknown vectors in a "back-end XMLRPC handler."
CVE-2007-4131 3 Gnu, Redhat, Rpath 4 Tar, Enterprise Linux, Enterprise Linux Desktop and 1 more 2026-06-16 6.8 MEDIUM N/A
Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.
CVE-2007-4130 1 Redhat 2 Enterprise Linux, Enterprise Linux Desktop 2026-06-16 7.2 HIGH N/A
The Linux kernel 2.6.9 before 2.6.9-67 in Red Hat Enterprise Linux (RHEL) 4 on Itanium (ia64) does not properly handle page faults during NUMA memory access, which allows local users to cause a denial of service (panic) via invalid arguments to set_mempolicy in an MPOL_BIND operation.
CVE-2007-4129 2 Fedoraproject, Redhat 2 Coolkey, Enterprise Linux 2026-06-16 3.3 LOW N/A
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory.
CVE-2007-3849 1 Redhat 1 Enterprise Linux 2026-06-16 1.9 LOW N/A
Red Hat Enterprise Linux (RHEL) 5 ships the rpm for the Advanced Intrusion Detection Environment (AIDE) before 0.13.1 with a database that lacks checksum information, which allows context-dependent attackers to bypass file integrity checks and modify certain files.
CVE-2007-3739 2 Apple, Redhat 2 Powerpc, Enterprise Linux 2026-06-16 4.7 MEDIUM N/A
mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not prevent stack expansion from entering into reserved kernel page memory, which allows local users to cause a denial of service (OOPS) via unspecified vectors.
CVE-2007-3379 1 Redhat 2 Enterprise Linux, Linux 2026-06-16 2.1 LOW N/A
Unspecified vulnerability in the kernel in Red Hat Enterprise Linux (RHEL) 4 on the x86_64 platform allows local users to cause a denial of service (OOPS) via unspecified vectors related to the get_gate_vma function and the fuser command.