Redhat

Enterprise Linux

1857 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.98%
  • Veröffentlicht 16.01.2019 19:30:32
  • Zuletzt bearbeitet 21.11.2024 04:40:53

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). The supported version that is affected is Java SE: 8u192. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protoco...

  • EPSS 3.14%
  • Veröffentlicht 16.01.2019 19:30:31
  • Zuletzt bearbeitet 21.11.2024 04:40:50

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with netwo...

  • EPSS 3.37%
  • Veröffentlicht 16.01.2019 19:30:31
  • Zuletzt bearbeitet 21.11.2024 04:40:50

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker...

  • EPSS 3.26%
  • Veröffentlicht 16.01.2019 19:30:31
  • Zuletzt bearbeitet 21.11.2024 04:40:51

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network a...

  • EPSS 0.7%
  • Veröffentlicht 15.01.2019 15:29:00
  • Zuletzt bearbeitet 21.11.2024 04:42:35

A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem ac...

  • EPSS 0.3%
  • Veröffentlicht 14.01.2019 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:32

It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the...

Exploit
  • EPSS 1.05%
  • Veröffentlicht 11.01.2019 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:28

An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.

  • EPSS 3.68%
  • Veröffentlicht 10.01.2019 21:29:00
  • Zuletzt bearbeitet 17.12.2025 22:15:55

In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

  • EPSS 2.24%
  • Veröffentlicht 03.01.2019 13:29:00
  • Zuletzt bearbeitet 21.11.2024 04:01:57

In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is m...

  • EPSS 2.68%
  • Veröffentlicht 01.01.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:01:56

A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach.