Enterprise Linux Eus Security Vulnerabilities and Issues — Page 16 of Enterprise Linux Eus CVE List

Lucene search

RedhatEnterprise Linux Eus

778 matches found

CVE•added 2012/06/05 10:55 p.m.•63 views

CVE-2012-1798

The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.

6.5CVSS6.7AI score0.01412EPSS

CVE•added 2014/08/01 11:13 a.m.•63 views

CVE-2014-5045

The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly maintain a certain reference count during attempts to use the umount system call in conjunction with a symlink, which allows local users to cause a denial of service (memory consumption or use-after-free)...

6.2CVSS6.4AI score0.00029EPSS

CVE•added 2012/06/05 11:55 p.m.•62 views

CVE-2012-1938

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) m...

9.3CVSS9.9AI score0.01248EPSS

CVE•added 2012/08/29 10:56 a.m.•62 views

CVE-2012-3967

The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large number of sampler uniforms are used, does not properly interact with Mesa drivers, which allows remo...

9.3CVSS9.3AI score0.00593EPSS

CVE•added 2012/10/12 10:44 a.m.•62 views

CVE-2012-4193

Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same O...

6.8CVSS9AI score0.01406EPSS

CVE•added 2012/11/21 12:55 p.m.•62 views

CVE-2012-4202

Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via a crafted GIF ima...

9.3CVSS9AI score0.06753EPSS

CVE•added 2008/08/08 7:41 p.m.•61 views

CVE-2008-1945

QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004.

2.1CVSS7.3AI score0.00112EPSS

CVE•added 2010/01/27 5:30 p.m.•59 views

CVE-2009-4272

A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of service (deadlock) via crafted packets that force collisions in the IPv4 routing hash table, and trigger a routing "emergency" in which a hash ch...

7.8CVSS6.9AI score0.0181EPSS

CVE•added 2022/09/29 3:15 a.m.•59 views

CVE-2014-0148

Qemu before 2.0 block driver for Hyper-V VHDX Images is vulnerable to infinite loops and other potential issues when calculating BAT entries, due to missing bounds checks for block_size and logical_sector_size variables. These are used to derive other fields like 'sectors_per_block' etc. A user abl...

5.5CVSS6.5AI score0.00061EPSS

CVE•added 2012/08/29 10:56 a.m.•58 views

CVE-2012-3976

Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows remote attackers to spoof the X.509 certificate information in the address bar via a crafted web page.

4.3CVSS8.6AI score0.00776EPSS

CVE•added 2013/05/16 11:45 a.m.•58 views

CVE-2013-2728

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3....

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•58 views

CVE-2013-3332

10CVSS7.7AI score0.03998EPSS

CVE•added 2006/10/05 4:4 a.m.•57 views

CVE-2006-5158

The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (process crash) and deny access to NFS exports via unspecified vectors that trigger a kernel oops (null dereference) and a deadlock.

7.5CVSS7.1AI score0.03256EPSS

CVE•added 2013/05/21 6:55 p.m.•57 views

CVE-2012-6137

rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which allows remote man-in-the-middle attackers to obtain sensitive information such as user credentials.

4.3CVSS7.1AI score0.0025EPSS

CVE•added 2012/11/21 12:55 p.m.•55 views

CVE-2012-4209

Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a "top" frame name-attribute value to access the location property, which makes it easier for remote attackers to conduct cross...

4.3CVSS7.8AI score0.02065EPSS

CVE•added 2012/11/21 12:55 p.m.•54 views

CVE-2012-5830

Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document.

8.8CVSS8.9AI score0.01446EPSS

CVE•added 2013/05/16 11:45 a.m.•54 views

CVE-2013-3327

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•54 views

CVE-2013-3330

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•53 views

CVE-2013-3324

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•53 views

CVE-2013-3326

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•53 views

CVE-2013-3333

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•50 views

CVE-2013-3329

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•49 views

CVE-2013-3335

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•48 views

CVE-2013-3325

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•48 views

CVE-2013-3328

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•46 views

CVE-2013-3331

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•44 views

CVE-2013-3334

10CVSS7.7AI score0.03998EPSS

CVE•added 2025/02/27 4:15 p.m.•41 views

CVE-2025-1756

mongosh may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privilege, when a crafted file is stored in C:\node_modules. This issue affects mongosh prior to 2.3.0

7.8CVSS7.5AI score0.00025EPSS

Total number of security vulnerabilities778