Redhat

Enterprise Linux Server Aus

1054 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2016-0758

  • EPSS 0.2%
  • Published 27.06.2016 10:59:02
  • Last modified 12.04.2025 10:46:40

Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.

8.1

CVE-2016-3698

  • EPSS 0.77%
  • Published 13.06.2016 19:59:02
  • Last modified 12.04.2025 10:46:40

libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity d...

8.8

CVE-2016-2818

  • EPSS 0.59%
  • Published 13.06.2016 10:59:01
  • Last modified 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary cod...

10

CVE-2016-4448

  • EPSS 1.2%
  • Published 09.06.2016 16:59:06
  • Last modified 12.04.2025 10:46:40

Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.

7.1

CVE-2016-2150

  • EPSS 0.07%
  • Published 09.06.2016 16:59:04
  • Last modified 12.04.2025 10:46:40

SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261.

10

CVE-2016-0749

  • EPSS 16.15%
  • Published 09.06.2016 16:59:00
  • Last modified 12.04.2025 10:46:40

The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow.

7.8

CVE-2016-5126

  • EPSS 0.2%
  • Published 01.06.2016 22:59:08
  • Last modified 12.04.2025 10:46:40

Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.

6.5

CVE-2016-4020

  • EPSS 0.06%
  • Published 25.05.2016 15:59:04
  • Last modified 12.04.2025 10:46:40

The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR).

5.5

CVE-2016-4578

Exploit
  • EPSS 0.2%
  • Published 23.05.2016 10:59:09
  • Last modified 12.04.2025 10:46:40

sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_t...

7.8

CVE-2016-1840

Exploit
  • EPSS 2.14%
  • Published 20.05.2016 10:59:54
  • Last modified 12.04.2025 10:46:40

Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause...