Enterprise Linux Server Tus Security Vulnerabilities and Issues — Enterprise Linux Server Tus CVE List

Lucene search

RedhatEnterprise Linux Server Tus

11 matches found

CVE•added 2018/09/06 9:29 p.m.•651 views

CVE-2018-5391

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation hav...

7.8CVSS7.7AI score0.01732EPSS

CVE•added 2018/09/25 9:29 p.m.•400 views

CVE-2018-14634

An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerab...

7.8CVSS7.3AI score0.03747EPSS

CVE•added 2018/09/25 12:29 a.m.•316 views

CVE-2018-14633

A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The a...

8.3CVSS7.9AI score0.10432EPSS

CVE•added 2018/09/05 6:29 p.m.•228 views

CVE-2018-16540

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact.

7.8CVSS7.1AI score0.00283EPSS

CVE•added 2018/09/06 2:29 p.m.•170 views

CVE-2018-14624

A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. The lock controlling the error log was not correctly used when re-opening the log file in log__error_emergency(). An attacker could send a flood of modifications to a very large DN, which would cause slap...

7.5CVSS6.3AI score0.01535EPSS

CVE•added 2018/09/19 3:29 p.m.•170 views

CVE-2018-17183

Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code.

7.8CVSS6.5AI score0.01045EPSS

CVE•added 2018/09/10 4:29 p.m.•138 views

CVE-2018-16802

An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix f...

7.8CVSS7.3AI score0.92178EPSS

CVE•added 2018/09/05 6:29 p.m.•134 views

CVE-2018-16541

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter.

5.5CVSS6.2AI score0.00452EPSS

CVE•added 2018/09/05 6:29 a.m.•120 views

CVE-2018-16511

An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact.

7.8CVSS7.1AI score0.00369EPSS

CVE•added 2018/09/05 6:29 p.m.•115 views

CVE-2018-16539

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable.

5.5CVSS6AI score0.0035EPSS

CVE•added 2018/09/14 7:29 p.m.•100 views

CVE-2018-14638

A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ns-slapd crashes in delete_passwdPolicy function when persistent search connections are terminated unexpectedly leading to remote denial of service.

7.5CVSS6.3AI score0.00897EPSS