Redhat

Enterprise Linux Eus

779 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2014-9322

Exploit
  • EPSS 5.76%
  • Veröffentlicht 17.12.2014 11:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access t...

3.5

CVE-2014-5353

  • EPSS 0.87%
  • Veröffentlicht 16.12.2014 23:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via...

5

CVE-2014-8964

  • EPSS 2.09%
  • Veröffentlicht 16.12.2014 18:59:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats.

7.5

CVE-2014-7840

  • EPSS 2.46%
  • Veröffentlicht 12.12.2014 15:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data.

5

CVE-2014-7815

  • EPSS 5.23%
  • Veröffentlicht 14.11.2014 15:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.

2.1

CVE-2014-3615

  • EPSS 0.09%
  • Veröffentlicht 01.11.2014 23:55:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.

5

CVE-2014-3581

  • EPSS 3.87%
  • Veröffentlicht 10.10.2014 10:55:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP...

10

CVE-2014-7169

Warnung Exploit
  • EPSS 89.61%
  • Veröffentlicht 25.09.2014 01:55:04
  • Zuletzt bearbeitet 22.10.2025 01:16:04

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted enviro...

10

CVE-2014-6271

Warnung Exploit
  • EPSS 94.22%
  • Veröffentlicht 24.09.2014 18:48:04
  • Zuletzt bearbeitet 22.10.2025 01:15:57

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceComman...

6.2

CVE-2014-5045

Exploit
  • EPSS 0.03%
  • Veröffentlicht 01.08.2014 11:13:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly maintain a certain reference count during attempts to use the umount system call in conjunction with a symlink, which allows local users to cause a denial ...