Redhat

Enterprise Linux Server Aus

1054 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2019-10126

  • EPSS 3.84%
  • Published 14.06.2019 14:29:00
  • Last modified 21.11.2024 04:18:28

A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.

9.8

CVE-2019-10160

  • EPSS 2.14%
  • Published 07.06.2019 18:29:00
  • Last modified 21.11.2024 04:18:32

A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by...

7

CVE-2019-9755

  • EPSS 0.1%
  • Published 05.06.2019 15:29:03
  • Last modified 21.11.2024 04:52:14

An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash ...

9.8

CVE-2019-11356

  • EPSS 28.61%
  • Published 03.06.2019 20:29:00
  • Last modified 21.11.2024 04:20:56

The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.

9.8

CVE-2019-12450

  • EPSS 0.9%
  • Published 29.05.2019 17:29:00
  • Last modified 21.11.2024 04:22:52

file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.

7.5

CVE-2019-0820

  • EPSS 2.25%
  • Published 16.05.2019 19:29:00
  • Last modified 21.11.2024 04:17:20

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.

5.5

CVE-2019-11833

  • EPSS 0.03%
  • Published 15.05.2019 13:29:00
  • Last modified 21.11.2024 04:21:51

fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.

3.3

CVE-2019-11884

  • EPSS 0.05%
  • Published 10.05.2019 22:29:00
  • Last modified 21.11.2024 04:21:57

The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a...

7

CVE-2019-11811

  • EPSS 0.07%
  • Published 07.05.2019 14:29:00
  • Last modified 21.11.2024 04:21:48

An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and ...

8.8

CVE-2019-9810

Exploit
  • EPSS 70.88%
  • Published 26.04.2019 17:29:04
  • Last modified 21.11.2024 04:52:21

Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.