This is the 180 day notification for the End of Production Phase 2 of
Red Hat Enterprise Virtualization 3.x.
Category Archives: Security
CVE-2017-7453
The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2017-7454
The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.
CVE-2017-7452
The iwbmp_read_info_header function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
Vuln: Django 'django.contrib.auth.views.login()' Function Open Redirection Vulnerability
Vuln: Django 'django.views.static.serve()' Function Open Redirection Vulnerability
Vuln: Linux kernel CVE-2017-7308 Local Denial of Service Vulnerability
CVE-2017-7450
AIRTAME HDMI dongle with firmware before 2.2.0 allows unauthenticated access to a big part of the management interface. It is possible to extract all information including the Wi-Fi password, reboot, or force a software update at an arbitrary time.
CVE-2017-7448
The allocate_channel_framebuffer function in uncompressed_components.hh in Dropbox Lepton 1.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed JPEG image.
CVE-2017-7447
HelpDEZk 1.1.1 has CSRF in admin/home#/logos/ with an impact of remote execution of arbitrary PHP code.