Lucene search

K
RedhatEnterprise Linux Server Aus

1054 matches found

CVE
CVE
added 2017/01/27 10:59 p.m.219 views

CVE-2017-3318

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastruc...

4CVSS4.1AI score0.00036EPSS
CVE
CVE
added 2018/08/17 12:29 p.m.219 views

CVE-2018-10873

A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. A malicious client or server, after authentication, could send specially crafted messages to its peer which would result in a crash or, potentially...

8.8CVSS8AI score0.0079EPSS
CVE
CVE
added 2018/01/18 2:29 a.m.219 views

CVE-2018-2618

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker wi...

5.9CVSS5.7AI score0.00112EPSS
CVE
CVE
added 2018/03/20 4:29 p.m.219 views

CVE-2018-8088

org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. EventData in the slf4j-ext module in QOS.CH SLF4J, has been fixed in SLF4J versions 1.7.26 later and in the 2.0.x series.

9.8CVSS9.3AI score0.00836EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.218 views

CVE-2017-10102

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple prot...

9CVSS8.7AI score0.00525EPSS
CVE
CVE
added 2017/10/19 5:29 p.m.218 views

CVE-2017-10345

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attac...

3.1CVSS4.2AI score0.00525EPSS
CVE
CVE
added 2017/04/24 7:59 p.m.218 views

CVE-2017-3308

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protoco...

7.7CVSS6.1AI score0.00323EPSS
CVE
CVE
added 2017/05/29 4:29 p.m.218 views

CVE-2017-9287

servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0.

6.5CVSS6.4AI score0.38966EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.216 views

CVE-2017-10108

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker w...

5.3CVSS5.3AI score0.00414EPSS
CVE
CVE
added 2017/10/19 5:29 p.m.216 views

CVE-2017-10378

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple pro...

6.5CVSS6.2AI score0.00369EPSS
CVE
CVE
added 2014/02/21 5:7 a.m.215 views

CVE-2014-0502

Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows rem...

10CVSS7.8AI score0.85668EPSS
In wild
CVE
CVE
added 2017/10/19 5:29 p.m.215 views

CVE-2017-10357

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via mu...

5.3CVSS5.4AI score0.00559EPSS
CVE
CVE
added 2017/01/27 10:59 p.m.215 views

CVE-2017-3265

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure ...

5.6CVSS5.4AI score0.00189EPSS
CVE
CVE
added 2018/07/30 3:29 p.m.215 views

CVE-2017-7518

A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to poten...

7.8CVSS7.3AI score0.0009EPSS
CVE
CVE
added 2018/01/18 2:29 a.m.215 views

CVE-2018-2637

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker wi...

7.4CVSS6.2AI score0.00164EPSS
CVE
CVE
added 2017/02/12 4:59 a.m.214 views

CVE-2017-3302

Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3.

7.5CVSS5.6AI score0.01585EPSS
CVE
CVE
added 2019/02/28 6:29 p.m.214 views

CVE-2018-12390

Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Fir...

9.8CVSS8.3AI score0.0472EPSS
CVE
CVE
added 2018/11/21 4:29 p.m.214 views

CVE-2018-19409

An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used.

9.8CVSS6.3AI score0.11441EPSS
CVE
CVE
added 2018/01/18 2:29 a.m.214 views

CVE-2018-2579

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attac...

4.3CVSS3.8AI score0.00077EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.213 views

CVE-2017-10116

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with...

8.3CVSS8.5AI score0.01701EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.213 views

CVE-2017-10135

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with netw...

5.9CVSS5.9AI score0.00264EPSS
CVE
CVE
added 2017/10/19 5:29 p.m.213 views

CVE-2017-10347

Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple pr...

5.3CVSS5.5AI score0.00506EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.213 views

CVE-2017-3651

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple prot...

4.3CVSS4AI score0.00429EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.213 views

CVE-2017-3653

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protoco...

3.5CVSS3.4AI score0.00287EPSS
CVE
CVE
added 2018/03/12 9:29 p.m.213 views

CVE-2018-7858

Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display.

5.5CVSS5.2AI score0.00074EPSS
CVE
CVE
added 2014/02/05 5:15 a.m.212 views

CVE-2014-0497

Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors.

10CVSS7.8AI score0.93016EPSS
In wild
CVE
CVE
added 2017/08/08 3:29 p.m.212 views

CVE-2017-10096

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple proto...

9.6CVSS9.1AI score0.00416EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.212 views

CVE-2017-10110

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attac...

9.6CVSS9.1AI score0.00365EPSS
CVE
CVE
added 2017/10/19 5:29 p.m.212 views

CVE-2017-10285

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple pro...

9.6CVSS9AI score0.00466EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.212 views

CVE-2018-2781

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocol...

4.9CVSS5.4AI score0.00096EPSS
CVE
CVE
added 2018/11/29 6:29 p.m.212 views

CVE-2018-8786

FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.

9.8CVSS9.7AI score0.21604EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.211 views

CVE-2017-10053

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network...

5.3CVSS5.3AI score0.0076EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.211 views

CVE-2017-10101

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple proto...

9.6CVSS9AI score0.00365EPSS
CVE
CVE
added 2017/10/19 5:29 p.m.211 views

CVE-2017-10295

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker...

4.3CVSS5.1AI score0.00258EPSS
CVE
CVE
added 2018/11/02 7:29 a.m.211 views

CVE-2018-18897

An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo.

6.5CVSS6.6AI score0.00197EPSS
CVE
CVE
added 2018/01/18 2:29 a.m.211 views

CVE-2018-2629

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker w...

5.3CVSS5AI score0.00434EPSS
CVE
CVE
added 2022/08/23 4:15 p.m.211 views

CVE-2021-23177

An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw...

7.8CVSS7.6AI score0.0005EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.210 views

CVE-2017-10089

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful a...

9.6CVSS9.1AI score0.00365EPSS
CVE
CVE
added 2018/01/23 4:29 p.m.210 views

CVE-2018-5950

Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.

6.1CVSS5.9AI score0.02431EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.209 views

CVE-2017-5390

The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox

9.8CVSS8.9AI score0.0184EPSS
CVE
CVE
added 2016/06/13 7:59 p.m.207 views

CVE-2016-3698

libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from...

8.1CVSS7.5AI score0.00769EPSS
CVE
CVE
added 2018/10/18 1:29 p.m.207 views

CVE-2018-12365

A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < ...

6.5CVSS7.4AI score0.00653EPSS
CVE
CVE
added 2018/01/18 2:29 a.m.207 views

CVE-2018-2663

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacke...

4.3CVSS4.3AI score0.00084EPSS
CVE
CVE
added 2019/07/22 3:15 p.m.207 views

CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo.

6.5CVSS6.4AI score0.01488EPSS
CVE
CVE
added 2022/08/22 3:15 p.m.206 views

CVE-2021-3659

A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.

5.5CVSS5.8AI score0.0002EPSS
CVE
CVE
added 2016/05/05 1:59 a.m.205 views

CVE-2016-2105

Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.

7.5CVSS7.7AI score0.62171EPSS
CVE
CVE
added 2016/05/23 10:59 a.m.205 views

CVE-2016-4578

sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinter...

5.5CVSS5.9AI score0.00203EPSS
Web
CVE
CVE
added 2015/11/13 3:59 a.m.204 views

CVE-2015-8126

Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly ha...

7.5CVSS7.9AI score0.04186EPSS
CVE
CVE
added 2018/10/18 1:29 p.m.203 views

CVE-2018-12377

A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird

9.8CVSS6.4AI score0.02628EPSS
CVE
CVE
added 2018/01/18 2:29 a.m.203 views

CVE-2018-2634

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple pro...

6.8CVSS6.2AI score0.00119EPSS
Total number of security vulnerabilities1054