Lucene search

K
RedhatEnterprise Linux Eus

778 matches found

CVE
CVE
added 2014/01/15 4:8 p.m.120 views

CVE-2014-0401

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.

4CVSS7.8AI score0.00501EPSS
CVE
CVE
added 2014/02/06 5:44 a.m.120 views

CVE-2014-1486

Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.

10CVSS8.8AI score0.10821EPSS
CVE
CVE
added 2014/07/03 4:22 a.m.120 views

CVE-2014-4656

Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to (1) index values in the snd_ctl_add function and (2) numid values in the snd_ctl...

4.6CVSS5.6AI score0.00075EPSS
Web
CVE
CVE
added 2015/04/16 4:59 p.m.120 views

CVE-2015-0505

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.

3.5CVSS4.8AI score0.00468EPSS
CVE
CVE
added 2013/02/19 11:55 p.m.119 views

CVE-2013-0776

Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web script...

4CVSS9.1AI score0.00653EPSS
CVE
CVE
added 2013/04/03 11:56 a.m.119 views

CVE-2013-0791

The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial...

5CVSS5.5AI score0.00584EPSS
CVE
CVE
added 2014/04/16 12:55 a.m.119 views

CVE-2014-0384

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML.

4CVSS3.8AI score0.01029EPSS
CVE
CVE
added 2014/04/30 10:49 a.m.119 views

CVE-2014-1523

Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image.

6.5CVSS7.5AI score0.0054EPSS
CVE
CVE
added 2014/04/30 10:49 a.m.119 views

CVE-2014-1531

Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corr...

9.3CVSS8.3AI score0.05086EPSS
CVE
CVE
added 2015/06/15 3:59 p.m.119 views

CVE-2015-3209

Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.

7.5CVSS6.5AI score0.04545EPSS
CVE
CVE
added 2023/07/24 4:15 p.m.119 views

CVE-2023-38200

A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections.

7.5CVSS7.1AI score0.0021EPSS
CVE
CVE
added 2013/03/01 12:37 p.m.118 views

CVE-2011-1182

kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a signal sender via a sigqueueinfo system call.

3.6CVSS6.8AI score0.00059EPSS
CVE
CVE
added 2012/10/17 12:55 a.m.118 views

CVE-2012-3177

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server.

6.8CVSS4.2AI score0.00982EPSS
CVE
CVE
added 2015/10/21 11:59 p.m.118 views

CVE-2015-4879

Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to DML.

4.6CVSS5AI score0.00704EPSS
CVE
CVE
added 2017/01/13 4:59 p.m.118 views

CVE-2016-9811

The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.

4.7CVSS4.8AI score0.00485EPSS
CVE
CVE
added 2013/12/11 3:55 p.m.117 views

CVE-2013-5612

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header.

4.3CVSS7.7AI score0.00739EPSS
CVE
CVE
added 2014/04/16 2:55 a.m.117 views

CVE-2014-2440

Unspecified vulnerability in the MySQL Client component in Oracle MySQL 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

5.1CVSS4.3AI score0.00819EPSS
CVE
CVE
added 2015/10/21 9:59 p.m.117 views

CVE-2015-4816

Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.

4CVSS4.8AI score0.00555EPSS
CVE
CVE
added 2013/01/17 1:55 a.m.116 views

CVE-2013-0375

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.

5.5CVSS3.9AI score0.0035EPSS
CVE
CVE
added 2014/04/30 10:49 a.m.116 views

CVE-2014-1530

The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks, via a crafted web sit...

6.1CVSS6.9AI score0.00865EPSS
CVE
CVE
added 2014/05/11 9:55 p.m.116 views

CVE-2014-1738

The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to...

2.1CVSS5.9AI score0.0003EPSS
CVE
CVE
added 2015/07/16 11:0 a.m.116 views

CVE-2015-2643

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.

4CVSS4.6AI score0.00439EPSS
CVE
CVE
added 2016/02/13 2:59 a.m.116 views

CVE-2015-8629

The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out...

5.3CVSS5.5AI score0.00681EPSS
CVE
CVE
added 2012/08/29 10:56 a.m.115 views

CVE-2012-3959

Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of...

10CVSS9.5AI score0.0352EPSS
CVE
CVE
added 2012/10/10 5:55 p.m.115 views

CVE-2012-3991

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict JSAPI access to the GetProperty function, which allows remote attackers to bypass the Same Origin Policy and possibly have uns...

9.3CVSS9.4AI score0.01916EPSS
CVE
CVE
added 2012/10/10 5:55 p.m.115 views

CVE-2012-4188

Heap-based buffer overflow in the Convolve3x3 function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.

9.3CVSS9.6AI score0.55611EPSS
CVE
CVE
added 2012/11/21 12:55 p.m.115 views

CVE-2012-4207

The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a ~ (tilde) character in proximity to a chunk delimiter, which allows remote ...

4.3CVSS7.8AI score0.01708EPSS
CVE
CVE
added 2014/02/28 6:18 a.m.115 views

CVE-2014-0069

The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory co...

7.2CVSS6.5AI score0.00049EPSS
CVE
CVE
added 2014/02/06 5:44 a.m.115 views

CVE-2014-1479

The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involvi...

7.5CVSS8.3AI score0.01468EPSS
CVE
CVE
added 2025/04/03 2:15 p.m.115 views

CVE-2025-3155

A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.

7.4CVSS7.5AI score0.00084EPSS
CVE
CVE
added 2011/02/18 8:0 p.m.114 views

CVE-2010-4649

Integer overflow in the ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large value of a certain structure member.

6.9CVSS6.6AI score0.00069EPSS
CVE
CVE
added 2014/04/30 10:49 a.m.114 views

CVE-2014-1529

The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for...

9.3CVSS7.9AI score0.00906EPSS
CVE
CVE
added 2015/01/21 3:28 p.m.114 views

CVE-2014-6568

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.

3.5CVSS6.1AI score0.00478EPSS
CVE
CVE
added 2015/01/21 6:59 p.m.114 views

CVE-2015-0391

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.

4CVSS6.1AI score0.00353EPSS
CVE
CVE
added 2016/01/12 7:59 p.m.114 views

CVE-2015-1779

The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.

8.6CVSS7.9AI score0.05081EPSS
CVE
CVE
added 2015/08/12 2:59 p.m.114 views

CVE-2015-5165

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

9.3CVSS6.5AI score0.10855EPSS
CVE
CVE
added 2019/03/21 6:29 p.m.114 views

CVE-2019-9903

PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary.

6.5CVSS6.3AI score0.00508EPSS
CVE
CVE
added 2025/04/03 3:15 a.m.114 views

CVE-2025-2784

A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.

7CVSS7AI score0.0117EPSS
CVE
CVE
added 2012/10/10 5:55 p.m.113 views

CVE-2012-4185

Buffer overflow in the nsCharTraits::length function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory cor...

9.3CVSS9.6AI score0.05225EPSS
CVE
CVE
added 2012/11/21 12:55 p.m.113 views

CVE-2012-4214

Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial ...

9.3CVSS9.1AI score0.04317EPSS
CVE
CVE
added 2012/11/21 12:55 p.m.113 views

CVE-2012-5842

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application ...

9.3CVSS9.4AI score0.0178EPSS
CVE
CVE
added 2014/04/16 2:55 a.m.113 views

CVE-2014-2431

Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.

2.6CVSS4.2AI score0.01132EPSS
CVE
CVE
added 2015/12/07 8:59 p.m.113 views

CVE-2015-3276

The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.

7.5CVSS7.5AI score0.01805EPSS
CVE
CVE
added 2016/04/21 10:59 a.m.113 views

CVE-2016-0651

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.

5.5CVSS4.6AI score0.00273EPSS
CVE
CVE
added 2012/10/10 5:55 p.m.112 views

CVE-2012-3982

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application cr...

9.3CVSS9.8AI score0.01275EPSS
CVE
CVE
added 2012/10/10 5:55 p.m.112 views

CVE-2012-3986

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict calls to DOMWindowUtils (aka nsDOMWindowUtils) methods, which allows remote attackers to bypass intended access restrictions v...

4.3CVSS9AI score0.01538EPSS
CVE
CVE
added 2014/04/16 2:55 a.m.112 views

CVE-2014-2436

Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR.

6.5CVSS3.9AI score0.00825EPSS
CVE
CVE
added 2015/01/21 6:59 p.m.112 views

CVE-2015-0382

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381.

4.3CVSS6.6AI score0.0563EPSS
CVE
CVE
added 2012/07/17 10:55 p.m.111 views

CVE-2012-0540

Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension.

4CVSS4.5AI score0.00555EPSS
CVE
CVE
added 2013/12/11 3:55 p.m.111 views

CVE-2013-5618

Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by tri...

10CVSS9.6AI score0.10378EPSS
Total number of security vulnerabilities778