Redhat

Enterprise Linux Desktop

1928 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2018-19108

  • EPSS 0.41%
  • Veröffentlicht 08.11.2018 08:29:00
  • Zuletzt bearbeitet 21.11.2024 03:57:20

In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.

6.5

CVE-2018-19058

Exploit
  • EPSS 0.28%
  • Veröffentlicht 07.11.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:57:14

An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file.

6.5

CVE-2018-18897

Exploit
  • EPSS 0.2%
  • Veröffentlicht 02.11.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 03:56:50

An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo.

6.5

CVE-2016-2125

  • EPSS 12.78%
  • Veröffentlicht 31.10.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 02:47:52

It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to othe...

8.8

CVE-2018-15688

  • EPSS 0.73%
  • Veröffentlicht 26.10.2018 14:29:00
  • Zuletzt bearbeitet 09.06.2025 16:15:28

A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.

7.2

CVE-2018-14665

Exploit
  • EPSS 3.8%
  • Veröffentlicht 25.10.2018 20:29:00
  • Zuletzt bearbeitet 29.08.2025 13:42:30

A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate the...

4.3

CVE-2018-18585

Exploit
  • EPSS 0.48%
  • Veröffentlicht 23.10.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 03:56:12

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).

8.1

CVE-2018-18559

Exploit
  • EPSS 1.14%
  • Veröffentlicht 22.10.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:56:09

In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a ra...

8.6

CVE-2018-18284

Exploit
  • EPSS 0.22%
  • Veröffentlicht 19.10.2018 22:29:01
  • Zuletzt bearbeitet 21.11.2024 03:55:38

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.

6.5

CVE-2018-18520

Exploit
  • EPSS 1.16%
  • Veröffentlicht 19.10.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:56:05

An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes the outer ar file before handling all inner entrie...