Lucene search

K
RedhatEnterprise Linux Server Tus

765 matches found

CVE
CVE
added 2017/10/19 5:29 p.m.221 views

CVE-2017-10349

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple pr...

5.3CVSS5.4AI score0.00559EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.220 views

CVE-2017-10243

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with net...

6.5CVSS5.9AI score0.00562EPSS
CVE
CVE
added 2018/07/17 5:29 p.m.220 views

CVE-2018-14357

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with an automatic subscription.

9.8CVSS9.7AI score0.04035EPSS
CVE
CVE
added 2018/01/18 2:29 a.m.220 views

CVE-2018-2599

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker w...

5.8CVSS4.8AI score0.00096EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.219 views

CVE-2017-10067

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successfu...

7.5CVSS7.9AI score0.00687EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.219 views

CVE-2017-10107

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protoc...

9.6CVSS9AI score0.00416EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.219 views

CVE-2017-10109

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker w...

5.3CVSS5.4AI score0.00506EPSS
CVE
CVE
added 2017/01/27 10:59 p.m.219 views

CVE-2017-3318

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastruc...

4CVSS4.1AI score0.00036EPSS
CVE
CVE
added 2018/08/17 12:29 p.m.219 views

CVE-2018-10873

A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. A malicious client or server, after authentication, could send specially crafted messages to its peer which would result in a crash or, potentially...

8.8CVSS8AI score0.0079EPSS
CVE
CVE
added 2018/01/18 2:29 a.m.219 views

CVE-2018-2618

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker wi...

5.9CVSS5.7AI score0.00112EPSS
CVE
CVE
added 2018/03/20 4:29 p.m.219 views

CVE-2018-8088

org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. EventData in the slf4j-ext module in QOS.CH SLF4J, has been fixed in SLF4J versions 1.7.26 later and in the 2.0.x series.

9.8CVSS9.3AI score0.00836EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.218 views

CVE-2017-10102

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple prot...

9CVSS8.7AI score0.00525EPSS
CVE
CVE
added 2017/10/19 5:29 p.m.218 views

CVE-2017-10345

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attac...

3.1CVSS4.2AI score0.00525EPSS
CVE
CVE
added 2017/04/24 7:59 p.m.218 views

CVE-2017-3308

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protoco...

7.7CVSS6.1AI score0.00323EPSS
CVE
CVE
added 2017/05/29 4:29 p.m.218 views

CVE-2017-9287

servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0.

6.5CVSS6.4AI score0.38966EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.216 views

CVE-2017-10108

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker w...

5.3CVSS5.3AI score0.00414EPSS
CVE
CVE
added 2017/10/19 5:29 p.m.216 views

CVE-2017-10378

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple pro...

6.5CVSS6.2AI score0.00369EPSS
CVE
CVE
added 2017/10/19 5:29 p.m.215 views

CVE-2017-10357

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via mu...

5.3CVSS5.4AI score0.00559EPSS
CVE
CVE
added 2017/01/27 10:59 p.m.215 views

CVE-2017-3265

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure ...

5.6CVSS5.4AI score0.00189EPSS
CVE
CVE
added 2018/01/18 2:29 a.m.215 views

CVE-2018-2637

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker wi...

7.4CVSS6.2AI score0.00164EPSS
CVE
CVE
added 2019/02/28 6:29 p.m.214 views

CVE-2018-12390

Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Fir...

9.8CVSS8.3AI score0.0472EPSS
CVE
CVE
added 2018/01/18 2:29 a.m.214 views

CVE-2018-2579

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attac...

4.3CVSS3.8AI score0.00077EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.213 views

CVE-2017-10116

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with...

8.3CVSS8.5AI score0.01701EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.213 views

CVE-2017-10135

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with netw...

5.9CVSS5.9AI score0.00264EPSS
CVE
CVE
added 2017/10/19 5:29 p.m.213 views

CVE-2017-10347

Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple pr...

5.3CVSS5.5AI score0.00506EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.213 views

CVE-2017-3651

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple prot...

4.3CVSS4AI score0.00429EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.213 views

CVE-2017-3653

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protoco...

3.5CVSS3.4AI score0.00287EPSS
CVE
CVE
added 2018/03/12 9:29 p.m.213 views

CVE-2018-7858

Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display.

5.5CVSS5.2AI score0.00074EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.212 views

CVE-2017-10096

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple proto...

9.6CVSS9.1AI score0.00416EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.212 views

CVE-2017-10110

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attac...

9.6CVSS9.1AI score0.00365EPSS
CVE
CVE
added 2017/10/19 5:29 p.m.212 views

CVE-2017-10285

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple pro...

9.6CVSS9AI score0.00466EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.212 views

CVE-2018-2781

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocol...

4.9CVSS5.4AI score0.00096EPSS
CVE
CVE
added 2018/11/29 6:29 p.m.212 views

CVE-2018-8786

FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.

9.8CVSS9.7AI score0.21604EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.211 views

CVE-2017-10053

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network...

5.3CVSS5.3AI score0.0076EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.211 views

CVE-2017-10101

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple proto...

9.6CVSS9AI score0.00365EPSS
CVE
CVE
added 2017/10/19 5:29 p.m.211 views

CVE-2017-10295

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker...

4.3CVSS5.1AI score0.00258EPSS
CVE
CVE
added 2018/11/02 7:29 a.m.211 views

CVE-2018-18897

An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo.

6.5CVSS6.6AI score0.00197EPSS
CVE
CVE
added 2018/01/18 2:29 a.m.211 views

CVE-2018-2629

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker w...

5.3CVSS5AI score0.00434EPSS
CVE
CVE
added 2022/08/23 4:15 p.m.211 views

CVE-2021-23177

An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw...

7.8CVSS7.6AI score0.0005EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.210 views

CVE-2017-10089

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful a...

9.6CVSS9.1AI score0.00365EPSS
CVE
CVE
added 2018/01/23 4:29 p.m.210 views

CVE-2018-5950

Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.

6.1CVSS5.9AI score0.02431EPSS
CVE
CVE
added 2018/10/18 1:29 p.m.207 views

CVE-2018-12365

A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < ...

6.5CVSS7.4AI score0.00496EPSS
CVE
CVE
added 2018/01/18 2:29 a.m.207 views

CVE-2018-2663

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacke...

4.3CVSS4.3AI score0.00084EPSS
CVE
CVE
added 2019/07/22 3:15 p.m.207 views

CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo.

6.5CVSS6.4AI score0.01488EPSS
CVE
CVE
added 2022/08/22 3:15 p.m.206 views

CVE-2021-3659

A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.

5.5CVSS5.8AI score0.0002EPSS
CVE
CVE
added 2016/05/23 10:59 a.m.205 views

CVE-2016-4578

sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinter...

5.5CVSS5.9AI score0.00203EPSS
Web
CVE
CVE
added 2015/11/13 3:59 a.m.204 views

CVE-2015-8126

Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly ha...

7.5CVSS7.9AI score0.04186EPSS
CVE
CVE
added 2018/10/18 1:29 p.m.203 views

CVE-2018-12377

A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird

9.8CVSS6.4AI score0.02628EPSS
CVE
CVE
added 2018/01/18 2:29 a.m.203 views

CVE-2018-2634

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple pro...

6.8CVSS6.2AI score0.00119EPSS
CVE
CVE
added 2019/04/09 6:29 p.m.202 views

CVE-2017-3139

A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response.

7.5CVSS7.1AI score0.00723EPSS
Total number of security vulnerabilities765