Enterprise Linux Server Eus Security Vulnerabilities and Issues — Page 2 of Enterprise Linux Server Eus CVE List

Lucene search

RedhatEnterprise Linux Server Eus

60 matches found

CVE•added 2017/10/05 1:29 a.m.•112 views

CVE-2017-1000115

Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository

7.5CVSS8.2AI score0.02142EPSS

CVE•added 2017/07/17 5:29 p.m.•107 views

CVE-2017-10978

An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service.

7.5CVSS8.4AI score0.02231EPSS

CVE•added 2017/07/25 2:29 p.m.•88 views

CVE-2017-7980

Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation.

7.8CVSS7.2AI score0.00166EPSS

CVE•added 2017/02/16 11:59 a.m.•84 views

CVE-2017-6009

An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "decode_ne_resource_id" function in the "restable.c" source file. This is happening because the "len" parameter for memcpy is not checked for size and thus becomes a negative integer in the process, resulting in a fai...

5.5CVSS5.8AI score0.0028EPSS

CVE•added 2017/10/18 8:29 p.m.•81 views

CVE-2015-5739

The net/http library in net/textproto/reader.go in Go before 1.4.3 does not properly parse HTTP header keys, which allows remote attackers to conduct HTTP request smuggling attacks via a space instead of a hyphen, as demonstrated by "Content Length" instead of "Content-Length."

9.8CVSS9AI score0.10892EPSS

CVE•added 2017/02/16 11:59 a.m.•80 views

CVE-2017-6010

An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "extract_icons" function in the "extract.c" source file. This issue can be triggered by processing a corrupted ico file and will result in an icotool crash.

5.5CVSS5.7AI score0.00354EPSS

CVE•added 2017/02/16 11:59 a.m.•79 views

CVE-2017-6011

An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c" source file. This affects icotool.

5.5CVSS5.7AI score0.00354EPSS

CVE•added 2017/08/22 6:29 p.m.•78 views

CVE-2017-5208

Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of service (application crash) or the possibility of execution of arbitrary code.

8.8CVSS7.6AI score0.01645EPSS

CVE•added 2017/10/18 8:29 p.m.•68 views

CVE-2015-5740

The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request with two Content-length headers.

9.8CVSS9AI score0.06044EPSS

CVE•added 2017/07/25 6:29 p.m.•63 views

CVE-2015-3149

The Hotspot component in OpenJDK8 as packaged in Red Hat Enterprise Linux 6 and 7 allows local users to write to arbitrary files via a symlink attack.

5.5CVSS5.2AI score0.00067EPSS

Total number of security vulnerabilities60