Redhat

Enterprise Linux Server Aus

1055 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.6

CVE-2014-4656

  • EPSS 0.08%
  • Veröffentlicht 03.07.2014 04:22:15
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to (1) index values in the snd_ctl...

7.8

CVE-2014-3153

Warnung Exploit
  • EPSS 71.36%
  • Veröffentlicht 07.06.2014 14:55:27
  • Zuletzt bearbeitet 22.10.2025 01:15:56

The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe wai...

5

CVE-2014-3467

  • EPSS 8.89%
  • Veröffentlicht 05.06.2014 20:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data.

7.5

CVE-2014-3468

  • EPSS 10.74%
  • Veröffentlicht 05.06.2014 20:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.

5

CVE-2014-3469

  • EPSS 8.67%
  • Veröffentlicht 05.06.2014 20:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument.

6.1

CVE-2014-1530

  • EPSS 0.87%
  • Veröffentlicht 30.04.2014 10:49:05
  • Zuletzt bearbeitet 25.11.2025 17:50:16

The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-si...

9.3

CVE-2014-1531

Exploit
  • EPSS 5.09%
  • Veröffentlicht 30.04.2014 10:49:05
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary co...

9.8

CVE-2014-1532

Exploit
  • EPSS 4.89%
  • Veröffentlicht 30.04.2014 10:49:05
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute a...

9.3

CVE-2014-1518

Exploit
  • EPSS 2.82%
  • Veröffentlicht 30.04.2014 10:49:04
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and app...

6.5

CVE-2014-1523

  • EPSS 0.54%
  • Veröffentlicht 30.04.2014 10:49:04
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and applicat...