Red Hat Enterprise Linux

1688 matches found

added 2017/04/21 3:59 p.m. | 82 views

CVE-2016-0720

Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149.

8.8 CVSS | 8.6 AI score | 0.00196 EPSS

added 2018/07/27 9:29 p.m. | 82 views

CVE-2017-15118

A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process. If NBD server requires...

9.8 CVSS | 9.3 AI score | 0.02306 EPSS

added 2018/01/09 9:29 p.m. | 82 views

CVE-2017-15131

It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask policy. This only affects xdg-user-dirs before 0.15.5 as shipped with Red Hat Enterprise Linux.

7.8 CVSS | 7.5 AI score | 0.0012 EPSS

added 2021/03/25 7:15 p.m. | 82 views

CVE-2021-3446

A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms with OpenSSL contained a vulnerability related to the returned IV (initialization vector) when certain symmetric ciphers were used. Instead of returning the last IV it returned the initial IV to the calle...

5.5 CVSS | 5.3 AI score | 0.00035 EPSS

added 2005/04/27 4:0 a.m. | 81 views

CVE-2005-0206

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

7.5 CVSS | 6.7 AI score | 0.06529 EPSS

added 2016/04/15 2:59 p.m. | 81 views

CVE-2010-5325

Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title.

9.8 CVSS | 9 AI score | 0.05909 EPSS

added 2018/06/11 9:29 p.m. | 81 views

CVE-2017-5451

A mechanism to spoof the addressbar through the user interaction on the addressbar and the "onblur" event. The event could be used by script to affect text display to make the loaded site appear to be different from the one actually loaded within the addressbar. This vulnerability affects Thunderbi...

4.3 CVSS | 5.7 AI score | 0.00581 EPSS

added 2018/06/11 9:29 p.m. | 81 views

CVE-2017-5455

The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and escalation of privilege if combined with another vulnerability that resulted in remote code execution inside the sandboxed process. This vulnerability affects Firefox ESR < 52.1 and Firefox

7.5 CVSS | 8.3 AI score | 0.02349 EPSS

added 2022/10/14 6:15 p.m. | 81 views

CVE-2022-2963

A vulnerability was found in jasper. This security vulnerability happens because of a memory leak bug in function cmdopts_parse that can cause a crash or segmentation fault.

7.5 CVSS | 7.3 AI score | 0.00091 EPSS

added 2024/06/06 6:15 a.m. | 81 views

CVE-2024-3049

A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.

5.9 CVSS | 5.4 AI score | 0.00685 EPSS

added 2013/06/08 1:5 p.m. | 80 views

CVE-2011-3347

A certain Red Hat patch to the be2net implementation in the kernel package before 2.6.32-218.el6 on Red Hat Enterprise Linux (RHEL) 6, when promiscuous mode is enabled, allows remote attackers to cause a denial of service (system crash) via non-member VLAN packets.

4.6 CVSS | 6.3 AI score | 0.00537 EPSS

added 2013/03/15 8:55 p.m. | 80 views

CVE-2012-6542

The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument.

1.9 CVSS | 5.4 AI score | 0.00088 EPSS

added 2013/03/15 8:55 p.m. | 80 views

CVE-2012-6548

The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.

1.9 CVSS | 4.7 AI score | 0.00023 EPSS

added 2013/11/23 6:55 p.m. | 80 views

CVE-2013-0222

The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function.

2.1 CVSS | 6.6 AI score | 0.00143 EPSS

added 2013/10/10 12:55 a.m. | 80 views

CVE-2013-4342

xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service.

7.6 CVSS | 9.3 AI score | 0.09919 EPSS

added 2015/07/16 11:0 a.m. | 80 views

CVE-2015-4756

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-0439.

4 CVSS | 4.6 AI score | 0.00909 EPSS

added 2017/04/21 3:59 p.m. | 80 views

CVE-2016-0721

Session fixation vulnerability in pcsd in pcs before 0.9.157.

8.1 CVSS | 8.1 AI score | 0.00288 EPSS

added 2022/04/18 5:15 p.m. | 80 views

CVE-2021-42781

Heap buffer overflow issues were found in OpenSC before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library.

5.3 CVSS | 5.8 AI score | 0.00074 EPSS

added 2022/08/29 3:15 p.m. | 80 views

CVE-2022-0851

There is a flaw in convert2rhel. When the --activationkey option is used with convert2rhel, the activation key is subsequently passed to subscription-manager via the command line, which could allow unauthorized users locally on the machine to view the activation key via the process command line via...

5.5 CVSS | 5.3 AI score | 0.0003 EPSS

added 2023/07/11 12:15 p.m. | 80 views

CVE-2023-1672

A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host.

5.3 CVSS | 5 AI score | 0.00022 EPSS

added 2023/07/11 12:15 p.m. | 80 views

CVE-2023-3269

A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, a...

7.8 CVSS | 7.9 AI score | 0.00171 EPSS

added 2005/11/16 9:17 p.m. | 79 views

CVE-2002-2185

The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from ...

4.9 CVSS | 4.5 AI score | 0.00377 EPSS

added 2006/01/06 10:0 p.m. | 79 views

CVE-2005-3624

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

5 CVSS | 6.3 AI score | 0.07223 EPSS

added 2010/12/30 7:0 p.m. | 79 views

CVE-2010-4161

The udp_queue_rcv_skb function in net/ipv4/udp.c in a certain Red Hat build of the Linux kernel 2.6.18 in Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of service (deadlock and system hang) by sending UDP traffic to a socket that has a crafted socket filter, a related issue t...

4.9 CVSS | 6 AI score | 0.00345 EPSS

added 2013/03/01 5:40 a.m. | 79 views

CVE-2012-1568

The ExecShield feature in a certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 5 and 6 and Fedora 15 and 16 does not properly handle use of many shared libraries by a 32-bit executable file, which makes it easier for context-dependent attackers to bypass the ASLR protecti...

1.9 CVSS | 7.3 AI score | 0.00046 EPSS

added 2013/02/28 7:55 p.m. | 79 views

CVE-2013-1773

Buffer overflow in the VFAT filesystem implementation in the Linux kernel before 3.3 allows local users to gain privileges or cause a denial of service (system crash) via a VFAT write operation on a filesystem with the utf8 mount option, which is not properly handled during UTF-8 to UTF-16 conversi...

6.2 CVSS | 5.9 AI score | 0.00185 EPSS

added 2013/10/03 9:55 p.m. | 79 views

CVE-2013-4311

libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x before 0.9.12.2 allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition in pkcheck via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288...

4.6 CVSS | 8.2 AI score | 0.00033 EPSS

added 2016/01/21 3:2 a.m. | 79 views

CVE-2016-0610

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and MariaDB before 10.0.22 and 10.1.x before 10.1.9 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

3.5 CVSS | 5.5 AI score | 0.00517 EPSS

added 2006/01/06 10:0 p.m. | 78 views

CVE-2005-3626

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

5 CVSS | 6.1 AI score | 0.09167 EPSS

added 2013/03/15 8:55 p.m. | 78 views

CVE-2012-6537

net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.

1.9 CVSS | 5.6 AI score | 0.0008 EPSS

added 2014/08/03 6:55 p.m. | 78 views

CVE-2014-0179

libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virConnectCompareCPU or (2) virConnectBaselineCPU API method, re...

1.9 CVSS | 7.6 AI score | 0.00114 EPSS

added 2015/10/21 11:59 p.m. | 78 views

CVE-2015-4862

Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to DML.

4 CVSS | 5 AI score | 0.00511 EPSS

added 2017/08/11 7:29 p.m. | 78 views

CVE-2017-3085

Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect.

7.4 CVSS | 7.6 AI score | 0.00815 EPSS

added 2024/01/03 5:15 p.m. | 78 views

CVE-2024-0217

A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other allocations and any p...

3.3 CVSS | 3.7 AI score | 0.00024 EPSS

added 2024/09/03 10:15 p.m. | 78 views

CVE-2024-45620

A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed.

3.9 CVSS | 4 AI score | 0.0005 EPSS

added 2004/08/18 4:0 a.m. | 77 views

CVE-2004-0421

The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.

5 CVSS | 7.1 AI score | 0.02457 EPSS

added 2005/01/27 5:0 a.m. | 77 views

CVE-2004-0882

Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.

10 CVSS | 7.4 AI score | 0.33008 EPSS

added 2005/01/10 5:0 a.m. | 77 views

CVE-2004-1072

The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of servi...

7.2 CVSS | 7.5 AI score | 0.0007 EPSS

added 2019/11/04 7:15 p.m. | 77 views

CVE-2005-4890

There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process.

7.8 CVSS | 7.5 AI score | 0.00163 EPSS

added 2007/04/06 1:19 a.m. | 77 views

CVE-2007-1351

Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

8.5 CVSS | 7.7 AI score | 0.07488 EPSS

added 2008/05/08 12:20 a.m. | 77 views

CVE-2007-6282

The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV.

7.1 CVSS | 7 AI score | 0.02449 EPSS

added 2013/11/23 6:55 p.m. | 77 views

CVE-2013-0221

The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the sort command, when using the (1) -d or (2) -M switch, which triggers a stack-based buffer overflow in the alloca function.

4.3 CVSS | 6.7 AI score | 0.06006 EPSS

added 2013/10/03 9:55 p.m. | 77 views

CVE-2013-4288

Race condition in PolicyKit (aka polkit) allows local users to bypass intended PolicyKit restrictions and gain privileges by starting a setuid or pkexec process before the authorization check is performed, related to (1) the polkit_unix_process_new API function, (2) the dbus API, or (3) the --proce...

7.2 CVSS | 6.4 AI score | 0.00033 EPSS

added 2016/04/21 10:59 a.m. | 77 views

CVE-2016-0661

Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Options.

4.7 CVSS | 4.8 AI score | 0.00229 EPSS

added 2019/12/06 4:15 p.m. | 77 views

CVE-2019-19334

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a deni...

9.8 CVSS | 9.7 AI score | 0.00637 EPSS

added 2019/12/06 3:15 p.m. | 77 views

CVE-2019-19624

An out-of-bounds read was discovered in OpenCV before 4.1.1. Specifically, variable coarsest_scale is assumed to be greater than or equal to finest_scale within the calc()/ocl_calc() functions in dis_flow.cpp. However, this is not true when dealing with small images, leading to an out-of-bounds rea...

6.5 CVSS | 6.2 AI score | 0.0023 EPSS

added 2005/01/10 5:0 a.m. | 76 views

CVE-2004-0883

Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returnin...

6.4 CVSS | 7.6 AI score | 0.19542 EPSS

added 2005/02/09 5:0 a.m. | 76 views

CVE-2004-0977

The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.

2.1 CVSS | 5.7 AI score | 0.00088 EPSS

added 2005/03/08 5:0 a.m. | 76 views

CVE-2005-0109

Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys,...

5.6 CVSS | 5.4 AI score | 0.00143 EPSS

added 2013/03/06 8:55 p.m. | 76 views

CVE-2013-0200

HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc_#.bmp, (2) /tmp/hpcupsfilterk_#.bmp, (3) /tmp/hpcups_job#.out, (4) /tmp/hpijs_#####.out, or (5) /tmp/hpps_job#.out temporary file, a different vuln...

1.9 CVSS | 6 AI score | 0.00055 EPSS

Total number of security vulnerabilities: 1688