Lucene search

K
OracleLinux

226 matches found

CVE
CVE
added 2016/01/14 10:59 p.m.3167 views

CVE-2016-0777

The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

6.5CVSS6.4AI score0.66391EPSS
CVE
CVE
added 2014/09/24 6:48 p.m.2764 views

CVE-2014-6271

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cg...

10CVSS9.9AI score0.9422EPSS
In wildWeb
CVE
CVE
added 2016/01/14 10:59 p.m.1927 views

CVE-2016-0778

The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-...

8.1CVSS7.3AI score0.03251EPSS
CVE
CVE
added 2017/04/11 6:59 p.m.1824 views

CVE-2016-1908

The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on...

9.8CVSS9AI score0.04666EPSS
CVE
CVE
added 2016/07/19 2:0 a.m.1421 views

CVE-2016-5387

The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary ...

8.1CVSS8AI score0.72423EPSS
CVE
CVE
added 2014/09/25 1:55 a.m.1269 views

CVE-2014-7169

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the F...

10CVSS8.4AI score0.9422EPSS
In wildWeb
CVE
CVE
added 2014/06/07 2:55 p.m.1084 views

CVE-2014-3153

The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.

7.8CVSS6.5AI score0.80511EPSS
In wild
CVE
CVE
added 2016/05/05 6:59 p.m.1066 views

CVE-2016-3715

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.

5.8CVSS6.3AI score0.86045EPSS
In wild
CVE
CVE
added 2016/05/05 6:59 p.m.1062 views

CVE-2016-3718

The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.

5.5CVSS6.7AI score0.87335EPSS
In wild
CVE
CVE
added 2014/04/15 10:55 a.m.842 views

CVE-2013-5704

The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."

5CVSS5.7AI score0.8313EPSS
CVE
CVE
added 2016/04/21 11:0 a.m.703 views

CVE-2016-3427

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.

10CVSS6.8AI score0.93626EPSS
In wild
CVE
CVE
added 2014/05/07 10:55 a.m.559 views

CVE-2014-0196

The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition in...

6.9CVSS6.3AI score0.61195EPSS
In wild
CVE
CVE
added 2015/01/28 7:59 p.m.528 views

CVE-2015-0235

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

10CVSS7.7AI score0.85843EPSS
In wild
CVE
CVE
added 2016/05/16 10:59 a.m.517 views

CVE-2015-4643

Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. NOTE: this vulnerability exists because o...

9.8CVSS8.9AI score0.07873EPSS
CVE
CVE
added 2016/09/28 10:59 a.m.466 views

CVE-2016-2776

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.

7.8CVSS6.4AI score0.90734EPSS
Web
CVE
CVE
added 2015/12/16 3:59 p.m.436 views

CVE-2015-8000

db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class attribute.

5CVSS6.7AI score0.54087EPSS
CVE
CVE
added 2014/10/10 10:55 a.m.418 views

CVE-2014-3581

The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header.

5CVSS6.2AI score0.02942EPSS
CVE
CVE
added 2014/01/02 2:59 p.m.378 views

CVE-2013-5211

The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.

5CVSS5.7AI score0.9173EPSS
Web
CVE
CVE
added 2016/07/19 2:0 a.m.332 views

CVE-2016-5385

PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traf...

8.1CVSS8AI score0.81569EPSS
CVE
CVE
added 2016/06/20 1:59 a.m.309 views

CVE-2016-2177

OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr...

9.8CVSS8.3AI score0.47947EPSS
CVE
CVE
added 2016/09/16 5:59 a.m.291 views

CVE-2016-2182

The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.

9.8CVSS9.1AI score0.50854EPSS
CVE
CVE
added 2016/07/03 9:59 p.m.288 views

CVE-2016-4997

The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value...

7.8CVSS7.5AI score0.05222EPSS
CVE
CVE
added 2024/12/24 7:15 p.m.279 views

CVE-2022-21505

In the linux kernel, if IMA appraisal is used with the "ima_appraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "ima_appraise=log" from the boot param when Secure Boot is enabled, but this does not cover case...

6.7CVSS7AI score0.00041EPSS
CVE
CVE
added 2014/07/09 11:7 a.m.266 views

CVE-2014-3479

The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service (application crash) via a crafted stream offset in a CD...

4.3CVSS8.9AI score0.12043EPSS
CVE
CVE
added 2016/07/19 2:0 a.m.260 views

CVE-2016-5388

Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an a...

8.1CVSS6.8AI score0.32584EPSS
CVE
CVE
added 2022/06/09 9:15 p.m.256 views

CVE-2022-21499

KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7 (Confidential...

6.7CVSS7AI score0.00144EPSS
CVE
CVE
added 2015/06/09 6:59 p.m.254 views

CVE-2015-3329

Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive.

7.5CVSS8AI score0.2496EPSS
CVE
CVE
added 2014/07/09 11:7 a.m.253 views

CVE-2014-0207

The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.

4.3CVSS8.9AI score0.1675EPSS
CVE
CVE
added 2014/07/09 11:7 a.m.251 views

CVE-2014-3480

The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.

4.3CVSS8.9AI score0.05953EPSS
CVE
CVE
added 2016/08/06 8:59 p.m.251 views

CVE-2016-6197

fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that ...

5.5CVSS5.4AI score0.00036EPSS
CVE
CVE
added 2014/07/09 11:7 a.m.241 views

CVE-2014-3487

The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.

4.3CVSS8.8AI score0.15213EPSS
CVE
CVE
added 2015/06/09 6:59 p.m.235 views

CVE-2015-4024

Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth ou...

5CVSS7.3AI score0.6629EPSS
CVE
CVE
added 2016/03/13 6:59 p.m.226 views

CVE-2016-1950

Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.

8.8CVSS7.9AI score0.01752EPSS
CVE
CVE
added 2014/11/10 11:55 a.m.219 views

CVE-2014-8559

The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.

5.5CVSS5.2AI score0.00055EPSS
CVE
CVE
added 2015/06/09 6:59 p.m.208 views

CVE-2015-3330

The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP...

6.8CVSS8.1AI score0.24174EPSS
CVE
CVE
added 2015/10/06 1:59 a.m.204 views

CVE-2014-9751

The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by le...

6.8CVSS7.2AI score0.09651EPSS
CVE
CVE
added 2016/09/16 5:59 a.m.204 views

CVE-2016-2181

The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service (false-positive packet drops) via spoofed DTLS records, related to rec_layer_...

7.5CVSS8.3AI score0.18201EPSS
CVE
CVE
added 2015/08/14 6:59 p.m.201 views

CVE-2015-1819

The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.

5CVSS6.5AI score0.02464EPSS
CVE
CVE
added 2015/11/13 3:59 a.m.198 views

CVE-2015-8126

Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly ha...

7.5CVSS7.9AI score0.04755EPSS
CVE
CVE
added 2016/09/16 5:59 a.m.198 views

CVE-2016-6302

The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.

7.5CVSS7.3AI score0.1426EPSS
CVE
CVE
added 2016/06/20 1:59 a.m.196 views

CVE-2016-2178

The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.

5.5CVSS7.2AI score0.00253EPSS
CVE
CVE
added 2016/05/23 10:59 a.m.195 views

CVE-2016-4913

The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs fil...

7.8CVSS7.4AI score0.00099EPSS
CVE
CVE
added 2016/08/01 2:59 a.m.192 views

CVE-2016-2180

The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted time-stamp file that is mishand...

7.5CVSS8.1AI score0.04377EPSS
CVE
CVE
added 2016/06/09 4:59 p.m.192 views

CVE-2016-4448

Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.

10CVSS9.5AI score0.01612EPSS
CVE
CVE
added 2025/05/30 2:15 p.m.191 views

CVE-2025-4598

A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original ...

4.7CVSS6.5AI score0.00037EPSS
CVE
CVE
added 2015/12/06 8:59 p.m.188 views

CVE-2015-3195

The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by...

5.3CVSS6.3AI score0.02938EPSS
CVE
CVE
added 2016/09/16 5:59 a.m.188 views

CVE-2016-2179

The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to...

7.5CVSS8.2AI score0.18403EPSS
CVE
CVE
added 2016/04/25 2:59 p.m.187 views

CVE-2016-4054

Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses.

8.1CVSS8.7AI score0.54902EPSS
CVE
CVE
added 2015/03/30 10:59 a.m.184 views

CVE-2015-1351

Use-after-free vulnerability in the _zend_shared_memdup function in zend_shared_alloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

7.5CVSS7.7AI score0.07239EPSS
CVE
CVE
added 2016/07/21 10:14 a.m.184 views

CVE-2016-3598

Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3610.

9.6CVSS7.8AI score0.10142EPSS
Total number of security vulnerabilities226