Redhat

Enterprise Linux Server Aus

1059 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2016-0749

  • EPSS 15.98%
  • Veröffentlicht 09.06.2016 16:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow.

7.8

CVE-2016-5126

  • EPSS 0.26%
  • Veröffentlicht 01.06.2016 22:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.

6.5

CVE-2016-4020

  • EPSS 0.09%
  • Veröffentlicht 25.05.2016 15:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR).

5.5

CVE-2016-4578

Exploit
  • EPSS 0.17%
  • Veröffentlicht 23.05.2016 10:59:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_t...

7.8

CVE-2016-1840

Exploit
  • EPSS 1.59%
  • Veröffentlicht 20.05.2016 10:59:54
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause...

5.5

CVE-2016-1839

Exploit
  • EPSS 4.55%
  • Veröffentlicht 20.05.2016 10:59:53
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a craft...

5.5

CVE-2016-1838

Exploit
  • EPSS 3.49%
  • Veröffentlicht 20.05.2016 10:59:52
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-...

5.5

CVE-2016-1837

Exploit
  • EPSS 0.52%
  • Veröffentlicht 20.05.2016 10:59:51
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remot...

5.5

CVE-2016-1836

  • EPSS 1.31%
  • Veröffentlicht 20.05.2016 10:59:50
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via ...

9.3

CVE-2016-1834

Exploit
  • EPSS 2.31%
  • Veröffentlicht 20.05.2016 10:59:48
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of...