Lucene search

K
RedhatEnterprise Linux Server Aus

1054 matches found

CVE
CVE
added 2015/01/21 6:59 p.m.115 views

CVE-2015-0391

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.

4CVSS6.1AI score0.00353EPSS
CVE
CVE
added 2016/01/12 7:59 p.m.115 views

CVE-2015-1779

The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.

8.6CVSS7.9AI score0.05081EPSS
CVE
CVE
added 2015/08/12 2:59 p.m.115 views

CVE-2015-5165

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

9.3CVSS6.5AI score0.10855EPSS
CVE
CVE
added 2016/01/21 3:2 a.m.115 views

CVE-2016-0608

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF.

3.5CVSS5AI score0.0041EPSS
CVE
CVE
added 2016/07/21 10:14 a.m.115 views

CVE-2016-5444

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.

4.3CVSS4.6AI score0.03131EPSS
CVE
CVE
added 2025/04/03 3:15 a.m.115 views

CVE-2025-2784

A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.

7CVSS7AI score0.00874EPSS
CVE
CVE
added 2012/06/21 3:55 p.m.114 views

CVE-2012-1149

Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a ...

7.5CVSS7AI score0.0271EPSS
CVE
CVE
added 2014/04/16 2:55 a.m.114 views

CVE-2014-2431

Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.

2.6CVSS4.2AI score0.01132EPSS
CVE
CVE
added 2015/12/07 8:59 p.m.114 views

CVE-2015-3276

The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.

7.5CVSS7.5AI score0.01805EPSS
CVE
CVE
added 2016/04/21 10:59 a.m.114 views

CVE-2016-0651

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.

5.5CVSS4.6AI score0.00273EPSS
CVE
CVE
added 2016/05/20 10:59 a.m.114 views

CVE-2016-1836

Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via a crafted XML document.

5.5CVSS6.5AI score0.01153EPSS
CVE
CVE
added 2017/09/14 6:29 a.m.114 views

CVE-2017-12902

The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.

9.8CVSS9.3AI score0.0206EPSS
CVE
CVE
added 2017/09/14 6:29 a.m.114 views

CVE-2017-12987

The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().

9.8CVSS9.3AI score0.0206EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.114 views

CVE-2017-7749

A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird

9.8CVSS8.1AI score0.01973EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.114 views

CVE-2018-5184

Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird

7.5CVSS7.2AI score0.00789EPSS
CVE
CVE
added 2019/03/21 6:29 p.m.114 views

CVE-2019-9903

PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary.

6.5CVSS6.3AI score0.01509EPSS
CVE
CVE
added 2014/04/16 2:55 a.m.113 views

CVE-2014-2436

Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR.

6.5CVSS3.9AI score0.00825EPSS
CVE
CVE
added 2015/01/21 6:59 p.m.113 views

CVE-2015-0382

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381.

4.3CVSS6.6AI score0.0563EPSS
CVE
CVE
added 2016/01/21 3:2 a.m.113 views

CVE-2016-0609

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges.

1.7CVSS5.1AI score0.00876EPSS
CVE
CVE
added 2017/07/17 5:29 p.m.113 views

CVE-2017-10978

An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service.

7.5CVSS8.4AI score0.03305EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.113 views

CVE-2018-5170

It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird

4.3CVSS6.1AI score0.0117EPSS
CVE
CVE
added 2013/12/11 3:55 p.m.112 views

CVE-2013-5618

Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by tri...

10CVSS9.6AI score0.10378EPSS
CVE
CVE
added 2014/04/16 2:55 a.m.112 views

CVE-2014-2419

Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.

4CVSS3.9AI score0.01361EPSS
CVE
CVE
added 2015/01/21 6:59 p.m.112 views

CVE-2015-0374

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.

3.5CVSS5.9AI score0.00237EPSS
CVE
CVE
added 2015/01/21 6:59 p.m.112 views

CVE-2015-0381

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0382.

4.3CVSS6.6AI score0.0563EPSS
CVE
CVE
added 2015/10/21 11:59 p.m.112 views

CVE-2015-4864

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.

3.5CVSS4.7AI score0.00347EPSS
CVE
CVE
added 2013/12/11 3:55 p.m.111 views

CVE-2013-5614

Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site.

4.3CVSS9.1AI score0.00245EPSS
CVE
CVE
added 2013/12/11 3:55 p.m.111 views

CVE-2013-5616

Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corrup...

9.8CVSS9.6AI score0.02874EPSS
CVE
CVE
added 2014/02/06 5:44 a.m.111 views

CVE-2014-1487

The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.

7.5CVSS8.3AI score0.00501EPSS
CVE
CVE
added 2016/01/21 3:2 a.m.111 views

CVE-2016-0606

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect integrity via unknown vectors related to encryption.

3.5CVSS5AI score0.00202EPSS
CVE
CVE
added 2016/06/09 4:59 p.m.111 views

CVE-2016-0749

The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow.

10CVSS9.6AI score0.20473EPSS
CVE
CVE
added 2018/08/01 1:29 p.m.111 views

CVE-2016-8635

It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group.

5.9CVSS6.3AI score0.00443EPSS
CVE
CVE
added 2023/05/17 11:15 p.m.111 views

CVE-2023-2295

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the l...

7.5CVSS7.7AI score0.01671EPSS
CVE
CVE
added 2018/07/27 7:29 p.m.109 views

CVE-2017-2634

It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation before 2.6.22.17 used the IPv4-only inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP connections, which could result in memory corruptions. A remote attacker could use this flaw to crash the...

7.8CVSS7.1AI score0.03662EPSS
CVE
CVE
added 2011/02/18 8:0 p.m.108 views

CVE-2011-1044

The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially fil...

2.1CVSS5.4AI score0.00069EPSS
CVE
CVE
added 2013/04/17 5:55 p.m.108 views

CVE-2013-2378

Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.

6.5CVSS4.3AI score0.00473EPSS
CVE
CVE
added 2014/04/16 2:55 a.m.108 views

CVE-2014-2432

Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.

2.8CVSS4.2AI score0.01404EPSS
CVE
CVE
added 2016/04/12 2:0 a.m.108 views

CVE-2016-2857

The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet.

8.4CVSS6.6AI score0.00058EPSS
CVE
CVE
added 2014/12/16 6:59 p.m.107 views

CVE-2014-8964

Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats.

5CVSS8.4AI score0.02089EPSS
CVE
CVE
added 2016/09/21 2:25 p.m.107 views

CVE-2016-5844

Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.

6.5CVSS6.5AI score0.02481EPSS
CVE
CVE
added 2017/09/14 6:29 a.m.107 views

CVE-2017-12896

The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().

9.8CVSS9.3AI score0.0206EPSS
CVE
CVE
added 2013/01/13 8:55 p.m.106 views

CVE-2013-0767

The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary cod...

10CVSS9.5AI score0.01907EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.106 views

CVE-2017-5472

A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thund...

9.8CVSS8.1AI score0.01973EPSS
CVE
CVE
added 2014/04/16 2:55 a.m.105 views

CVE-2014-2430

Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.

3.5CVSS3.9AI score0.00901EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.105 views

CVE-2017-7751

A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird

9.8CVSS8.1AI score0.01973EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.105 views

CVE-2017-7758

An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird

9.1CVSS7.7AI score0.01773EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.105 views

CVE-2018-5162

Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird

7.5CVSS7.3AI score0.00699EPSS
CVE
CVE
added 2023/05/17 10:15 p.m.105 views

CVE-2023-2203

A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. This CVE exists because of a...

8.8CVSS8.9AI score0.00101EPSS
CVE
CVE
added 2023/08/25 5:15 p.m.105 views

CVE-2023-38201

A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate ...

6.5CVSS6.4AI score0.00023EPSS
CVE
CVE
added 2020/01/14 5:15 p.m.104 views

CVE-2014-7844

BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address.

7.8CVSS7.9AI score0.0091EPSS
Total number of security vulnerabilities1054