Redhat

Enterprise Linux Server Tus

765 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2019-17017

  • EPSS 2.63%
  • Veröffentlicht 08.01.2020 22:15:12
  • Zuletzt bearbeitet 21.11.2024 04:31:33

Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Fire...

6.1

CVE-2019-17022

  • EPSS 4.63%
  • Veröffentlicht 08.01.2020 22:15:12
  • Zuletzt bearbeitet 21.11.2024 04:31:33

When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer does not escape < and > characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direc...

8.8

CVE-2019-17024

Exploit
  • EPSS 3.28%
  • Veröffentlicht 08.01.2020 22:15:12
  • Zuletzt bearbeitet 21.11.2024 04:31:34

Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. T...

7.5

CVE-2019-19906

Exploit
  • EPSS 0.4%
  • Veröffentlicht 19.12.2019 18:15:12
  • Zuletzt bearbeitet 21.11.2024 04:35:37

cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c ...

8.1

CVE-2018-1311

  • EPSS 3.86%
  • Veröffentlicht 18.12.2019 20:15:15
  • Zuletzt bearbeitet 21.11.2024 03:59:36

The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disabl...

8.8

CVE-2019-13734

  • EPSS 5.9%
  • Veröffentlicht 10.12.2019 22:15:13
  • Zuletzt bearbeitet 21.11.2024 04:25:36

Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

9.8

CVE-2019-5544

Warnung
  • EPSS 93.04%
  • Veröffentlicht 06.12.2019 16:15:11
  • Zuletzt bearbeitet 07.02.2025 14:59:31

OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.

7.8

CVE-2019-10216

  • EPSS 0.53%
  • Veröffentlicht 27.11.2019 13:15:10
  • Zuletzt bearbeitet 21.11.2024 04:18:40

In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that coul...

7.8

CVE-2019-14815

  • EPSS 0.18%
  • Veröffentlicht 25.11.2019 11:15:11
  • Zuletzt bearbeitet 21.11.2024 04:27:25

A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.

6.5

CVE-2018-12207

  • EPSS 0.26%
  • Veröffentlicht 14.11.2019 20:15:11
  • Zuletzt bearbeitet 21.11.2024 03:44:45

Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.