Redhat

Enterprise Linux

1709 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.8

CVE-2015-2783

Exploit
  • EPSS 9.68%
  • Published 09.06.2015 18:59:00
  • Last modified 12.04.2025 10:46:40

ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length v...

7.7

CVE-2015-3456

  • EPSS 33.91%
  • Published 13.05.2015 18:59:00
  • Last modified 12.04.2025 10:46:40

The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_...

7.6

CVE-2015-2775

Exploit
  • EPSS 4.6%
  • Published 13.04.2015 14:59:02
  • Last modified 12.04.2025 10:46:40

Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.

6.8

CVE-2015-0831

  • EPSS 2.02%
  • Published 25.02.2015 11:59:11
  • Last modified 12.04.2025 10:46:40

Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a d...

10

CVE-2015-0240

Exploit
  • EPSS 90.93%
  • Published 24.02.2015 01:59:00
  • Last modified 09.05.2025 20:15:34

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execu...

6.8

CVE-2014-8158

  • EPSS 6.22%
  • Published 26.01.2015 15:59:09
  • Last modified 12.04.2025 10:46:40

Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image.

7.5

CVE-2014-8157

  • EPSS 5.9%
  • Published 26.01.2015 15:59:04
  • Last modified 12.04.2025 10:46:40

Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overf...

7.2

CVE-2015-0412

  • EPSS 2.08%
  • Published 21.01.2015 19:59:01
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS.

7.5

CVE-2015-0411

  • EPSS 14.83%
  • Published 21.01.2015 19:59:00
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Server : Security : Encryption.

5

CVE-2015-0410

  • EPSS 4.96%
  • Published 21.01.2015 18:59:50
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown ve...