Redhat

Enterprise Linux Server Aus

1054 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2019-2434

  • EPSS 0.23%
  • Published 16.01.2019 19:30:31
  • Last modified 21.11.2024 04:40:51

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network a...

7.8

CVE-2018-16865

Exploit
  • EPSS 2.07%
  • Published 11.01.2019 21:29:00
  • Last modified 21.11.2024 03:53:28

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remo...

7.8

CVE-2018-16864

Exploit
  • EPSS 0.15%
  • Published 11.01.2019 20:29:00
  • Last modified 21.11.2024 03:53:28

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash s...

3.3

CVE-2018-16866

Exploit
  • EPSS 0.11%
  • Published 11.01.2019 19:29:00
  • Last modified 21.11.2024 03:53:28

An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.

6.7

CVE-2019-6133

  • EPSS 0.01%
  • Published 11.01.2019 14:29:00
  • Last modified 21.11.2024 04:46:00

In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendin...

5.3

CVE-2018-20685

  • EPSS 3.74%
  • Published 10.01.2019 21:29:00
  • Last modified 21.11.2024 04:01:59

In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

6.5

CVE-2018-20662

  • EPSS 0.46%
  • Published 03.01.2019 13:29:00
  • Last modified 21.11.2024 04:01:57

In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is m...

6.5

CVE-2018-20650

  • EPSS 0.36%
  • Published 01.01.2019 16:29:00
  • Last modified 21.11.2024 04:01:56

A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach.

7.8

CVE-2018-19134

Exploit
  • EPSS 1.36%
  • Published 20.12.2018 23:29:00
  • Last modified 21.11.2024 03:57:23

In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscri...

9.8

CVE-2018-15127

  • EPSS 15.62%
  • Published 19.12.2018 16:29:00
  • Last modified 21.11.2024 03:50:21

LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution