Redhat

Enterprise Linux

1857 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 1.83%
  • Veröffentlicht 23.05.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:13

procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which co...

Exploit
  • EPSS 1.99%
  • Veröffentlicht 23.05.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:14

procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.

Exploit
  • EPSS 94.46%
  • Veröffentlicht 17.05.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:12

DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network ab...

  • EPSS 0.77%
  • Veröffentlicht 15.05.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:09

kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS ...

  • EPSS 8.43%
  • Veröffentlicht 09.05.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 03:40:58

An issue was discovered in HAProxy before 1.8.8. The incoming H2 frame length was checked against the max_frame_size setting instead of being checked against the bufsize. The max_frame_size only applies to outgoing traffic and not to incoming, so if ...

  • EPSS 2.97%
  • Veröffentlicht 30.04.2018 12:29:00
  • Zuletzt bearbeitet 21.11.2024 03:23:47

389-ds-base before version 1.3.6 is vulnerable to an improperly NULL terminated array in the uniqueness_entry_to_config() function in the "attribute uniqueness" plugin of 389 Directory Server. An authenticated, or possibly unauthenticated, attacker c...

Exploit
  • EPSS 3.34%
  • Veröffentlicht 26.04.2018 05:29:00
  • Zuletzt bearbeitet 21.11.2024 03:41:19

mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a ...

  • EPSS 2.4%
  • Veröffentlicht 26.04.2018 05:29:00
  • Zuletzt bearbeitet 21.11.2024 03:41:19

bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read.

  • EPSS 0.88%
  • Veröffentlicht 24.04.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:05

The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing v...

  • EPSS 1.1%
  • Veröffentlicht 12.04.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:08

pcs before version 0.9.164 and 0.10 is vulnerable to a privilege escalation via authorized user malicious REST call. The REST interface of the pcsd service did not properly sanitize the file name from the /remote/put_file query. If the /etc/booth dir...