Enterprise Linux Security Vulnerabilities and Issues — Enterprise Linux CVE List

Lucene search

RedhatEnterprise Linux

4 matches found

CVE•added 2014/12/24 6:59 p.m.•108 views

CVE-2004-2771

The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.

7.5CVSS7.8AI score0.01819EPSS

CVE•added 2014/12/24 6:59 p.m.•93 views

CVE-2014-8137

Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file.

6.8CVSS6.3AI score0.31457EPSS

CVE•added 2014/12/24 6:59 p.m.•90 views

CVE-2014-8138

Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 file.

7.5CVSS6.5AI score0.05895EPSS

CVE•added 2014/12/01 3:59 p.m.•73 views

CVE-2014-8867

The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, 3.2.x, and earlier lacks properly bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor, which allows local HVM guests to cause a denial of service (host crash) via unspecified vectors.

4.9CVSS5.2AI score0.00126EPSS