Redhat

Enterprise Linux Desktop

1928 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2019-3838

  • EPSS 1.41%
  • Veröffentlicht 25.03.2019 19:29:01
  • Zuletzt bearbeitet 21.11.2024 04:42:40

It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the cons...

8.8

CVE-2019-3856

  • EPSS 3.34%
  • Veröffentlicht 25.03.2019 19:29:01
  • Zuletzt bearbeitet 21.11.2024 04:42:43

An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client syst...

8.8

CVE-2019-3857

  • EPSS 3.34%
  • Veröffentlicht 25.03.2019 19:29:01
  • Zuletzt bearbeitet 21.11.2024 04:42:43

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execut...

8.8

CVE-2019-3863

  • EPSS 9.92%
  • Veröffentlicht 25.03.2019 18:29:01
  • Zuletzt bearbeitet 21.11.2024 04:42:44

A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bound...

9.1

CVE-2019-9948

Exploit
  • EPSS 0.94%
  • Veröffentlicht 23.03.2019 18:29:02
  • Zuletzt bearbeitet 21.11.2024 04:52:39

urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call...

9.3

CVE-2019-3855

  • EPSS 8.94%
  • Veröffentlicht 21.03.2019 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:42:43

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system wh...

5.5

CVE-2019-7222

Exploit
  • EPSS 0.04%
  • Veröffentlicht 21.03.2019 16:01:11
  • Zuletzt bearbeitet 21.11.2024 04:47:47

The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.

7.8

CVE-2019-7221

Exploit
  • EPSS 0.06%
  • Veröffentlicht 21.03.2019 16:01:10
  • Zuletzt bearbeitet 21.11.2024 04:47:46

The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.

5.5

CVE-2019-6454

Exploit
  • EPSS 0.11%
  • Veröffentlicht 21.03.2019 16:01:08
  • Zuletzt bearbeitet 21.11.2024 04:46:28

An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can expl...

7.8

CVE-2019-6116

Exploit
  • EPSS 67.77%
  • Veröffentlicht 21.03.2019 16:01:07
  • Zuletzt bearbeitet 21.11.2024 04:45:58

In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.