Redhat

Enterprise Linux Server Aus

1054 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.5

CVE-2014-6568

  • EPSS 0.39%
  • Veröffentlicht 21.01.2015 15:28:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.

2.1

CVE-2014-9585

Exploit
  • EPSS 0.05%
  • Veröffentlicht 09.01.2015 21:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the ...

2.1

CVE-2014-9584

  • EPSS 0.13%
  • Veröffentlicht 09.01.2015 21:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel...

6.9

CVE-2014-9529

  • EPSS 0.11%
  • Veröffentlicht 09.01.2015 21:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that...

3.5

CVE-2014-5353

  • EPSS 0.47%
  • Veröffentlicht 16.12.2014 23:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via...

5

CVE-2014-8964

  • EPSS 2.09%
  • Veröffentlicht 16.12.2014 18:59:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats.

7.5

CVE-2014-7840

  • EPSS 2.46%
  • Veröffentlicht 12.12.2014 15:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data.

9.4

CVE-2014-8567

  • EPSS 4.43%
  • Veröffentlicht 14.11.2014 15:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logout request that triggers a read of uninitialized data.

5

CVE-2014-7815

  • EPSS 5.23%
  • Veröffentlicht 14.11.2014 15:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.

2.1

CVE-2014-3615

  • EPSS 0.09%
  • Veröffentlicht 01.11.2014 23:55:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.