Redhat

Enterprise Linux Hpc Node Eus

81 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2016-0758

  • EPSS 0.2%
  • Veröffentlicht 27.06.2016 10:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.

8.1

CVE-2016-3698

  • EPSS 0.77%
  • Veröffentlicht 13.06.2016 19:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity d...

7.1

CVE-2016-2150

  • EPSS 0.07%
  • Veröffentlicht 09.06.2016 16:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261.

10

CVE-2016-0749

  • EPSS 16.15%
  • Veröffentlicht 09.06.2016 16:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow.

7.1

CVE-2015-5261

  • EPSS 0.05%
  • Veröffentlicht 07.06.2016 14:06:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation.

7.8

CVE-2015-5260

  • EPSS 0.13%
  • Veröffentlicht 07.06.2016 14:06:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter...

7.5

CVE-2015-4605

Exploit
  • EPSS 9.11%
  • Veröffentlicht 16.05.2016 10:59:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of ...

7.5

CVE-2015-4604

Exploit
  • EPSS 9.11%
  • Veröffentlicht 16.05.2016 10:59:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a den...

10

CVE-2015-4603

Exploit
  • EPSS 8.13%
  • Veröffentlicht 16.05.2016 10:59:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a "type confusion" issue.

10

CVE-2015-4602

Exploit
  • EPSS 12.86%
  • Veröffentlicht 16.05.2016 10:59:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a...