Redhat

Enterprise Linux Eus

784 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 20.23%
  • Veröffentlicht 20.06.2017 01:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.

  • EPSS 57.47%
  • Veröffentlicht 20.06.2017 01:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacke...

Exploit
  • EPSS 7.14%
  • Veröffentlicht 29.05.2017 16:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0.

  • EPSS 4.79%
  • Veröffentlicht 23.05.2017 04:29:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

  • EPSS 7.49%
  • Veröffentlicht 23.05.2017 04:29:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

  • EPSS 5.16%
  • Veröffentlicht 23.05.2017 04:29:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.

  • EPSS 5.95%
  • Veröffentlicht 23.05.2017 04:29:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.

Warnung Exploit
  • EPSS 96.97%
  • Veröffentlicht 27.04.2017 01:59:02
  • Zuletzt bearbeitet 21.04.2026 18:02:58

Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in ...

  • EPSS 3.08%
  • Veröffentlicht 24.04.2017 19:59:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privi...

  • EPSS 2.96%
  • Veröffentlicht 24.04.2017 19:59:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged...