Enterprise Linux Eus Security Vulnerabilities and Issues — Page 16 of Enterprise Linux Eus CVE List

Lucene search

RedhatEnterprise Linux Eus

778 matches found

CVE•added 2013/02/27 12:55 a.m.•71 views

CVE-2013-0643

The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attackers to execute arbitrary code via crafted SW...

9.3CVSS7.6AI score0.36303EPSS

In wild

CVE•added 2015/02/06 11:59 a.m.•70 views

CVE-2015-1210

The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly consider frame access restrictions during the thro...

5CVSS6AI score0.00704EPSS

CVE•added 2012/10/10 5:55 p.m.•68 views

CVE-2012-4184

The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not prevent access to properties of a prototype for a standard class, which allows remote attack...

4.3CVSS9.1AI score0.01102EPSS

CVE•added 2012/10/29 6:55 p.m.•68 views

CVE-2012-4195

The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier ...

4.3CVSS8.2AI score0.00962EPSS

CVE•added 2012/10/29 6:55 p.m.•68 views

CVE-2012-4196

Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats cer...

6.4CVSS8.8AI score0.00964EPSS

CVE•added 2012/11/11 1:0 p.m.•67 views

CVE-2012-4564

ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow.

6.8CVSS8.7AI score0.2646EPSS

CVE•added 2014/08/01 11:13 a.m.•67 views

CVE-2014-5045

The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly maintain a certain reference count during attempts to use the umount system call in conjunction with a symlink, which allows local users to cause a denial of service (memory consumption or use-after-free)...

6.2CVSS6.4AI score0.00029EPSS

CVE•added 2008/08/08 7:41 p.m.•66 views

CVE-2008-1945

QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004.

2.1CVSS7.3AI score0.00112EPSS

Web

CVE•added 2012/06/05 10:55 p.m.•66 views

CVE-2012-1798

The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.

6.5CVSS6.7AI score0.01412EPSS

CVE•added 2012/10/12 10:44 a.m.•65 views

CVE-2012-4193

Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same O...

6.8CVSS9AI score0.01406EPSS

CVE•added 2010/01/27 5:30 p.m.•64 views

CVE-2009-4272

A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of service (deadlock) via crafted packets that force collisions in the IPv4 routing hash table, and trigger a routing "emergency" in which a hash ch...

7.8CVSS6.9AI score0.0181EPSS

CVE•added 2022/09/29 3:15 a.m.•62 views

CVE-2014-0148

Qemu before 2.0 block driver for Hyper-V VHDX Images is vulnerable to infinite loops and other potential issues when calculating BAT entries, due to missing bounds checks for block_size and logical_sector_size variables. These are used to derive other fields like 'sectors_per_block' etc. A user abl...

5.5CVSS6.5AI score0.00061EPSS

CVE•added 2013/05/16 11:45 a.m.•61 views

CVE-2013-3332

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3....

10CVSS7.7AI score0.03998EPSS

CVE•added 2006/10/05 4:4 a.m.•60 views

CVE-2006-5158

The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (process crash) and deny access to NFS exports via unspecified vectors that trigger a kernel oops (null dereference) and a deadlock.

7.5CVSS7.1AI score0.03256EPSS

CVE•added 2013/05/21 6:55 p.m.•60 views

CVE-2012-6137

rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which allows remote man-in-the-middle attackers to obtain sensitive information such as user credentials.

4.3CVSS7.1AI score0.0025EPSS

CVE•added 2013/05/16 11:45 a.m.•60 views

CVE-2013-2728

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•57 views

CVE-2013-3330

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•56 views

CVE-2013-3324

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•56 views

CVE-2013-3327

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•55 views

CVE-2013-3326

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•55 views

CVE-2013-3333

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•52 views

CVE-2013-3329

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•51 views

CVE-2013-3335

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•50 views

CVE-2013-3325

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•50 views

CVE-2013-3328

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•48 views

CVE-2013-3331

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•46 views

CVE-2013-3334

10CVSS7.7AI score0.03998EPSS

CVE•added 2025/02/27 4:15 p.m.•42 views

CVE-2025-1756

mongosh may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privilege, when a crafted file is stored in C:\node_modules. This issue affects mongosh prior to 2.3.0

7.8CVSS7.5AI score0.00019EPSS

Total number of security vulnerabilities778