Redhat

Enterprise Linux Eus

779 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2018-16877

  • EPSS 0.04%
  • Veröffentlicht 18.04.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:30

A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.

5.5

CVE-2018-16878

  • EPSS 0.02%
  • Veröffentlicht 18.04.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:30

A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS

6.5

CVE-2019-3459

Exploit
  • EPSS 0.48%
  • Veröffentlicht 11.04.2019 16:29:02
  • Zuletzt bearbeitet 21.11.2024 04:42:05

A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.

6.5

CVE-2019-3460

Exploit
  • EPSS 0.48%
  • Veröffentlicht 11.04.2019 16:29:02
  • Zuletzt bearbeitet 21.11.2024 04:42:05

A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.

5.6

CVE-2019-3887

  • EPSS 0.05%
  • Veröffentlicht 09.04.2019 16:29:01
  • Zuletzt bearbeitet 21.11.2024 04:42:48

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled....

6.5

CVE-2019-0757

  • EPSS 7.14%
  • Veröffentlicht 09.04.2019 02:29:00
  • Zuletzt bearbeitet 21.11.2024 04:17:13

A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'.

7.8

CVE-2019-0211

Warnung Exploit
  • EPSS 89.01%
  • Veröffentlicht 08.04.2019 22:29:00
  • Zuletzt bearbeitet 27.10.2025 17:37:51

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with...

9.8

CVE-2019-0160

  • EPSS 0.28%
  • Veröffentlicht 27.03.2019 20:29:03
  • Zuletzt bearbeitet 21.11.2024 04:16:22

Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access.

9.1

CVE-2019-9948

Exploit
  • EPSS 0.94%
  • Veröffentlicht 23.03.2019 18:29:02
  • Zuletzt bearbeitet 21.11.2024 04:52:39

urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call...

6.5

CVE-2019-9903

Exploit
  • EPSS 0.78%
  • Veröffentlicht 21.03.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:32

PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary.