Redhat

Enterprise Linux Server Eus

622 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2018-17183

  • EPSS 0.72%
  • Veröffentlicht 19.09.2018 15:29:19
  • Zuletzt bearbeitet 21.11.2024 03:54:02

Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code.

7.8

CVE-2018-11781

  • EPSS 0.25%
  • Veröffentlicht 17.09.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:44:01

Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax.

7.5

CVE-2018-14638

  • EPSS 0.86%
  • Veröffentlicht 14.09.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:49:29

A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ns-slapd crashes in delete_passwdPolicy function when persistent search connections are terminated unexpectedly leading to remote denial of service.

7.8

CVE-2016-7035

  • EPSS 0.1%
  • Veröffentlicht 10.09.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 02:57:19

An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon t...

7.8

CVE-2018-16802

  • EPSS 0.97%
  • Veröffentlicht 10.09.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:22

An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe...

7.8

CVE-2018-5391

  • EPSS 3.82%
  • Veröffentlicht 06.09.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:43

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments...

7.5

CVE-2018-14624

Exploit
  • EPSS 1.48%
  • Veröffentlicht 06.09.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:49:26

A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. The lock controlling the error log was not correctly used when re-opening the log file in log__error_emergency(). An attacker could send a flood of modific...

5.5

CVE-2018-16539

  • EPSS 0.35%
  • Veröffentlicht 05.09.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:52:55

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable.

7.8

CVE-2018-16540

  • EPSS 0.28%
  • Veröffentlicht 05.09.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:52:56

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact.

5.5

CVE-2018-16541

  • EPSS 0.45%
  • Veröffentlicht 05.09.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:52:56

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter.