Redhat

Enterprise Linux Eus

778 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.6

CVE-2017-10090

  • EPSS 0.49%
  • Published 08.08.2017 15:29:02
  • Last modified 20.04.2025 01:37:25

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated ...

5.3

CVE-2017-10053

  • EPSS 1.28%
  • Published 08.08.2017 15:29:01
  • Last modified 20.04.2025 01:37:25

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerabi...

7.5

CVE-2017-10664

  • EPSS 5.03%
  • Published 02.08.2017 19:29:00
  • Last modified 20.04.2025 01:37:25

qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.

7.5

CVE-2016-8743

  • EPSS 8.41%
  • Published 27.07.2017 21:29:00
  • Last modified 20.04.2025 01:37:25

Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in...

9.8

CVE-2017-3167

  • EPSS 9.44%
  • Published 20.06.2017 01:29:00
  • Last modified 20.04.2025 01:37:25

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.

7.5

CVE-2017-7668

  • EPSS 65.46%
  • Published 20.06.2017 01:29:00
  • Last modified 20.04.2025 01:37:25

The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacke...

6.5

CVE-2017-9287

Exploit
  • EPSS 38.97%
  • Published 29.05.2017 16:29:00
  • Last modified 20.04.2025 01:37:25

servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0.

8.8

CVE-2016-9840

  • EPSS 13%
  • Published 23.05.2017 04:29:01
  • Last modified 20.04.2025 01:37:25

inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

9.8

CVE-2016-9841

  • EPSS 20.28%
  • Published 23.05.2017 04:29:01
  • Last modified 20.04.2025 01:37:25

inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

8.8

CVE-2016-9842

  • EPSS 10.91%
  • Published 23.05.2017 04:29:01
  • Last modified 20.04.2025 01:37:25

The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.