Lucene search

K
RedhatEnterprise Linux5.0

139 matches found

CVE
CVE
added 2014/09/24 6:48 p.m.2727 views

CVE-2014-6271

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cg...

10CVSS9.9AI score0.9422EPSS
CVE
CVE
added 2011/02/22 7:0 p.m.1811 views

CVE-2011-1002

avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244.

5CVSS7.8AI score0.75281EPSS
CVE
CVE
added 2016/09/01 12:59 a.m.1534 views

CVE-2016-2183

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted sess...

7.5CVSS6.5AI score0.38333EPSS
CVE
CVE
added 2014/09/25 1:55 a.m.1236 views

CVE-2014-7169

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the F...

10CVSS8.4AI score0.9422EPSS
CVE
CVE
added 2019/09/20 7:15 p.m.744 views

CVE-2019-14816

There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

7.8CVSS9.1AI score0.00289EPSS
CVE
CVE
added 2019/06/19 12:15 a.m.712 views

CVE-2019-11477

Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182...

7.8CVSS7.5AI score0.76442EPSS
CVE
CVE
added 2019/09/20 7:15 p.m.688 views

CVE-2019-14814

There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

7.8CVSS9AI score0.00254EPSS
CVE
CVE
added 2010/12/06 8:13 p.m.564 views

CVE-2010-3904

The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg sy...

7.8CVSS6.4AI score0.02116EPSS
CVE
CVE
added 2019/06/19 12:15 a.m.558 views

CVE-2019-11478

Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kerne...

7.5CVSS6.4AI score0.27962EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.546 views

CVE-2016-9079

A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1.

7.5CVSS7.2AI score0.84964EPSS
CVE
CVE
added 2016/07/06 2:59 p.m.418 views

CVE-2016-6170

ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR respons...

6.5CVSS6.2AI score0.01907EPSS
CVE
CVE
added 2020/12/15 5:15 p.m.400 views

CVE-2020-27777

A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges t...

7.2CVSS6.8AI score0.00025EPSS
CVE
CVE
added 2020/02/20 5:15 p.m.356 views

CVE-2014-4650

The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demons...

9.8CVSS7.5AI score0.10304EPSS
CVE
CVE
added 2018/11/06 10:29 p.m.356 views

CVE-2018-14667

The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitrary code using a chain of java serialized objects via org.ajax4jsf.resource.UserResource$UriData.

9.8CVSS9.7AI score0.88931EPSS
CVE
CVE
added 2010/11/05 5:0 p.m.355 views

CVE-2010-2941

ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.

9.8CVSS9.6AI score0.27685EPSS
CVE
CVE
added 2019/11/27 1:15 p.m.352 views

CVE-2019-10216

In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of r...

7.8CVSS7.6AI score0.00526EPSS
CVE
CVE
added 2020/05/12 7:15 p.m.334 views

CVE-2020-12826

A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. A child process can send an arbitrary signal to a parent pro...

5.3CVSS6AI score0.00026EPSS
CVE
CVE
added 2019/04/11 4:29 p.m.317 views

CVE-2019-3459

A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.

6.5CVSS6.8AI score0.00199EPSS
CVE
CVE
added 2019/12/19 6:15 p.m.305 views

CVE-2019-19906

cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.

7.5CVSS7.5AI score0.00228EPSS
CVE
CVE
added 2021/05/28 11:15 a.m.300 views

CVE-2020-25710

A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.

7.5CVSS7.2AI score0.02005EPSS
CVE
CVE
added 2020/12/08 1:15 a.m.289 views

CVE-2020-25692

A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service.

7.5CVSS7.5AI score0.00652EPSS
CVE
CVE
added 2019/05/16 7:29 p.m.258 views

CVE-2019-3839

It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Ghostscript ...

7.8CVSS7.7AI score0.62738EPSS
CVE
CVE
added 2020/12/04 3:15 p.m.257 views

CVE-2020-27771

In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the range of representable for the unsigned char type. The patch casts the return value of GetPixelIndex() to ssize_t type to avoid this bug. This undefined behavior could b...

4.3CVSS4.8AI score0.00072EPSS
CVE
CVE
added 2020/12/04 10:15 p.m.255 views

CVE-2020-27773

A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char or division by zero. This would most likely lead to an impact to applic...

4.3CVSS4.7AI score0.00059EPSS
CVE
CVE
added 2020/12/04 9:15 p.m.253 views

CVE-2020-27774

A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of a too large shift for 64-bit type ssize_t. This would most likely lead to an impact to application availability, but cou...

4.3CVSS4.7AI score0.00059EPSS
CVE
CVE
added 2020/12/04 9:15 p.m.253 views

CVE-2020-27775

A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application availability, but ...

4.3CVSS4.6AI score0.00059EPSS
CVE
CVE
added 2020/12/04 9:15 p.m.249 views

CVE-2020-27776

A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long. This would most likely lead to an impact to application availability, bu...

4.3CVSS4.6AI score0.00045EPSS
CVE
CVE
added 2020/12/04 10:15 p.m.242 views

CVE-2020-27772

A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned int. This would most likely lead to an impact to application availability, but could pot...

4.3CVSS4.6AI score0.00059EPSS
CVE
CVE
added 2017/10/05 1:29 a.m.241 views

CVE-2017-1000111

Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solut...

7.8CVSS7.8AI score0.39139EPSS
CVE
CVE
added 2016/05/02 10:59 a.m.236 views

CVE-2015-1350

The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstra...

5.5CVSS6.3AI score0.00033EPSS
CVE
CVE
added 2020/01/31 10:15 p.m.236 views

CVE-2015-6815

The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors.

3.5CVSS5AI score0.01897EPSS
CVE
CVE
added 2021/03/04 10:15 p.m.234 views

CVE-2020-25639

A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system.

4.9CVSS5.5AI score0.00119EPSS
CVE
CVE
added 2019/03/25 7:29 p.m.225 views

CVE-2019-3838

It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.

7.3CVSS5.6AI score0.01038EPSS
CVE
CVE
added 2014/11/04 4:55 p.m.186 views

CVE-2014-3660

parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing a large number of nested entity references, a va...

5CVSS5.9AI score0.04812EPSS
CVE
CVE
added 2015/01/21 6:59 p.m.184 views

CVE-2015-0408

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.

10CVSS3.8AI score0.09938EPSS
CVE
CVE
added 2012/03/22 4:55 p.m.179 views

CVE-2011-3045

Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a dif...

8.8CVSS9AI score0.34687EPSS
CVE
CVE
added 2019/11/13 9:15 p.m.168 views

CVE-2010-4657

PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output.

7.5CVSS7.4AI score0.0157EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.167 views

CVE-2017-5390

The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

9.8CVSS8.9AI score0.02708EPSS
CVE
CVE
added 2020/12/04 3:15 p.m.163 views

CVE-2020-27765

A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause o...

4.3CVSS4.6AI score0.00064EPSS
CVE
CVE
added 2021/05/28 11:15 a.m.160 views

CVE-2021-20239

A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest threat from this vulnerability is to confidentiality.

3.3CVSS4.4AI score0.00092EPSS
CVE
CVE
added 2020/12/04 3:15 p.m.159 views

CVE-2020-27767

A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of types float and unsigned char. This would most likely lead to an impact to application availab...

4.3CVSS4.7AI score0.00059EPSS
CVE
CVE
added 2015/01/21 6:59 p.m.158 views

CVE-2015-0410

Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security.

5CVSS3.9AI score0.02489EPSS
CVE
CVE
added 2018/11/12 7:29 p.m.153 views

CVE-2018-19214

Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input.

7.8CVSS6.2AI score0.00223EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.152 views

CVE-2017-5380

A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

9.8CVSS9.1AI score0.02031EPSS
CVE
CVE
added 2015/01/21 6:59 p.m.148 views

CVE-2014-6601

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

10CVSS3.6AI score0.141EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.148 views

CVE-2016-9899

Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

9.8CVSS8.8AI score0.39485EPSS
CVE
CVE
added 2018/11/12 7:29 p.m.144 views

CVE-2018-19215

Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters.

7.8CVSS6.2AI score0.00223EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.143 views

CVE-2017-5386

WebExtension scripts can use the "data:" protocol to affect pages loaded by other web extensions using this protocol, leading to potential data disclosure or privilege escalation in affected extensions. This vulnerability affects Firefox ESR < 45.7 and Firefox < 51.

7.5CVSS7.6AI score0.01186EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.142 views

CVE-2016-9893

Memory safety bugs were reported in Thunderbird 45.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird <...

9.8CVSS9.7AI score0.03554EPSS
CVE
CVE
added 2020/01/27 4:15 p.m.140 views

CVE-2015-0294

GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.

7.5CVSS7.3AI score0.00584EPSS
Total number of security vulnerabilities139