Redhat

Enterprise Linux Eus

784 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.7%
  • Veröffentlicht 09.04.2019 02:29:00
  • Zuletzt bearbeitet 21.11.2024 04:17:13

A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'.

Warnung Exploit
  • EPSS 65.01%
  • Veröffentlicht 08.04.2019 22:29:00
  • Zuletzt bearbeitet 27.10.2025 17:37:51

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with...

  • EPSS 1.34%
  • Veröffentlicht 27.03.2019 20:29:03
  • Zuletzt bearbeitet 21.11.2024 04:16:22

Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access.

Exploit
  • EPSS 11.84%
  • Veröffentlicht 23.03.2019 18:29:02
  • Zuletzt bearbeitet 21.11.2024 04:52:39

urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call...

Exploit
  • EPSS 2.25%
  • Veröffentlicht 21.03.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:32

PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary.

Exploit
  • EPSS 0.68%
  • Veröffentlicht 21.03.2019 16:01:11
  • Zuletzt bearbeitet 21.11.2024 04:47:47

The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.

Exploit
  • EPSS 2.04%
  • Veröffentlicht 21.03.2019 16:01:08
  • Zuletzt bearbeitet 21.11.2024 04:46:28

An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can expl...

  • EPSS 14.74%
  • Veröffentlicht 14.03.2019 22:29:01
  • Zuletzt bearbeitet 21.11.2024 04:42:36

Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a sp...

  • EPSS 8.81%
  • Veröffentlicht 08.03.2019 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:01

Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a ...

Exploit
  • EPSS 3.53%
  • Veröffentlicht 20.02.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:47:41

SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.