Redhat

Enterprise Linux Aus

44 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2017-7847

  • EPSS 0.88%
  • Published 11.06.2018 21:29:12
  • Last modified 21.11.2024 03:32:47

Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. This vulnerability affects Thunderbird < 52.5.2.

5.3

CVE-2017-7829

Exploit
  • EPSS 1.6%
  • Published 11.06.2018 21:29:11
  • Last modified 21.11.2024 03:32:45

It is possible to spoof the sender's email address and display an arbitrary sender address to the email recipient. The real sender's address is not displayed if preceded by a null character in the display string. This vulnerability affects Thunderbir...

9.8

CVE-2017-7824

  • EPSS 12.61%
  • Published 11.06.2018 21:29:11
  • Last modified 21.11.2024 03:32:44

A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Thi...

9.8

CVE-2016-9901

  • EPSS 2.14%
  • Published 11.06.2018 21:29:02
  • Last modified 21.11.2024 03:01:58

HTML tags received from the Pocket server will be processed without sanitization and any JavaScript code executed will be run in the "about:pocket-saved" (unprivileged) page, giving it access to Pocket's messaging API through HTML injection. This vul...

5.9

CVE-2018-1049

  • EPSS 0.76%
  • Published 16.02.2018 21:29:00
  • Last modified 21.11.2024 03:59:04

In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will h...

7.6

CVE-2017-10661

  • EPSS 27.64%
  • Published 19.08.2017 18:29:00
  • Last modified 20.04.2025 01:37:25

Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel q...

7.2

CVE-2016-5195

Warning Exploit
  • EPSS 94.18%
  • Published 10.11.2016 21:59:00
  • Last modified 12.04.2025 10:46:40

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in Oc...

2.1

CVE-2014-9585

Exploit
  • EPSS 0.05%
  • Published 09.01.2015 21:59:02
  • Last modified 12.04.2025 10:46:40

The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the ...

2.1

CVE-2014-9584

  • EPSS 0.13%
  • Published 09.01.2015 21:59:01
  • Last modified 12.04.2025 10:46:40

The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel...

3.6

CVE-2011-1182

Exploit
  • EPSS 0.06%
  • Published 01.03.2013 12:37:53
  • Last modified 11.04.2025 00:51:21

kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a signal sender via a sigqueueinfo system call.