Redhat

Enterprise Linux Tus

20 vulnerabilities found.

Note: This list may be incomplete. Data is provided without warranty in its original format.
  • EPSS 1.63%
  • Published 07.10.2020 15:15:12
  • Last modified 21.11.2024 05:03:04

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious ...

  • EPSS 20.52%
  • Published 11.09.2020 17:15:18
  • Last modified 21.11.2024 05:09:37

A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names. The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with th...

  • EPSS 0.42%
  • Published 15.01.2020 17:15:19
  • Last modified 21.11.2024 05:25:39

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unau...

Exploit
  • EPSS 0.23%
  • Published 20.09.2019 19:15:11
  • Last modified 21.11.2024 04:27:25

There is a heap-based buffer overflow in the kernel, all versions up to, excluding 5.3, in the Marvell wifi chip driver in the Linux kernel, that allows local users to cause a denial of service (system crash) or possibly execute arbitrary code.

  • EPSS 3.28%
  • Published 14.08.2019 17:15:11
  • Last modified 21.11.2024 04:51:45

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") tha...

  • EPSS 0.02%
  • Published 18.04.2019 18:29:00
  • Last modified 21.11.2024 03:53:30

A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS

Exploit
  • EPSS 0.94%
  • Published 23.03.2019 18:29:02
  • Last modified 21.11.2024 04:52:39

urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call...

  • EPSS 5.41%
  • Published 05.10.2017 21:29:00
  • Last modified 20.04.2025 01:37:25

Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but example.com/pkg1/pkg2 points to a Git repository. I...

Warning Exploit
  • EPSS 94.18%
  • Published 10.11.2016 21:59:00
  • Last modified 04.11.2025 16:15:37

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in Oc...

  • EPSS 14.45%
  • Published 20.07.2014 11:12:50
  • Last modified 12.04.2025 10:46:40

MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session.