Redhat

Enterprise Linux Hpc Node

146 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2016-5410

  • EPSS 0.06%
  • Published 19.04.2017 14:59:00
  • Last modified 20.04.2025 01:37:25

firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry, or (5) setEntries D-Bus API method.

3.3

CVE-2016-4455

  • EPSS 0.05%
  • Published 14.04.2017 18:59:00
  • Last modified 20.04.2025 01:37:25

The Subscription Manager package (aka subscription-manager) before 1.17.7-1 for Candlepin uses weak permissions (755) for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directo...

7.5

CVE-2016-6489

  • EPSS 1.68%
  • Published 14.04.2017 18:59:00
  • Last modified 20.04.2025 01:37:25

The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.

7

CVE-2016-4444

Exploit
  • EPSS 0.07%
  • Published 11.04.2017 18:59:00
  • Last modified 20.04.2025 01:37:25

The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function.

7

CVE-2016-4445

Exploit
  • EPSS 0.07%
  • Published 11.04.2017 18:59:00
  • Last modified 20.04.2025 01:37:25

The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to executing external commands with the commands.getstatu...

7

CVE-2016-4446

Exploit
  • EPSS 0.07%
  • Published 11.04.2017 18:59:00
  • Last modified 20.04.2025 01:37:25

The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function.

7

CVE-2016-4989

  • EPSS 0.05%
  • Published 11.04.2017 18:59:00
  • Last modified 20.04.2025 01:37:25

setroubleshoot allows local users to bypass an intended container protection mechanism and execute arbitrary commands by (1) triggering an SELinux denial with a crafted file name, which is handled by the _set_tpath function in audit_data.py or via a ...

9.8

CVE-2016-9636

Exploit
  • EPSS 16.64%
  • Published 27.01.2017 22:59:02
  • Last modified 20.04.2025 01:37:25

Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'w...

9.8

CVE-2016-9634

Exploit
  • EPSS 16.09%
  • Published 27.01.2017 22:59:01
  • Last modified 20.04.2025 01:37:25

Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_lin...

9.8

CVE-2016-9635

Exploit
  • EPSS 16.09%
  • Published 27.01.2017 22:59:01
  • Last modified 20.04.2025 01:37:25

Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 's...