Redhat

Enterprise Linux Server Eus

622 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2015-3411

Exploit
  • EPSS 0.26%
  • Veröffentlicht 16.05.2016 10:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument ...

5.5

CVE-2016-3712

  • EPSS 0.12%
  • Veröffentlicht 11.05.2016 21:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.

8.8

CVE-2016-3710

  • EPSS 0.09%
  • Veröffentlicht 11.05.2016 21:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Port...

7.1

CVE-2016-3717

  • EPSS 26.22%
  • Veröffentlicht 05.05.2016 18:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.

4.3

CVE-2016-3716

Exploit
  • EPSS 17.35%
  • Veröffentlicht 05.05.2016 18:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.

7.8

CVE-2016-2109

  • EPSS 57.94%
  • Veröffentlicht 05.05.2016 01:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory consumption) via a short invalid encoding.

10

CVE-2016-2108

  • EPSS 56.36%
  • Veröffentlicht 05.05.2016 01:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "ne...

5.9

CVE-2016-2107

  • EPSS 79.14%
  • Veröffentlicht 05.05.2016 01:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against...

7.5

CVE-2016-2106

  • EPSS 63.02%
  • Veröffentlicht 05.05.2016 01:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.

7.5

CVE-2016-2105

  • EPSS 50.8%
  • Veröffentlicht 05.05.2016 01:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.