Redhat

Enterprise Linux

1715 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2014-6601

  • EPSS 13.26%
  • Veröffentlicht 21.01.2015 18:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

7.5

CVE-2014-8138

  • EPSS 5.9%
  • Veröffentlicht 24.12.2014 18:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 file.

6.8

CVE-2014-8137

  • EPSS 31.46%
  • Veröffentlicht 24.12.2014 18:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file.

7.5

CVE-2004-2771

Exploit
  • EPSS 2.01%
  • Veröffentlicht 24.12.2014 18:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.

4.9

CVE-2014-8867

  • EPSS 0.13%
  • Veröffentlicht 01.12.2014 15:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, 3.2.x, and earlier lacks properly bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor, which allows local HVM guests to cause a denial of service (host crash) v...

5.5

CVE-2014-3690

  • EPSS 0.01%
  • Veröffentlicht 10.11.2014 11:55:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or caus...

4.7

CVE-2014-3611

  • EPSS 0.04%
  • Veröffentlicht 10.11.2014 11:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation.

5.5

CVE-2014-3646

  • EPSS 0.1%
  • Veröffentlicht 10.11.2014 11:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.

5.5

CVE-2014-3647

  • EPSS 0.06%
  • Veröffentlicht 10.11.2014 11:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.

7.8

CVE-2014-3673

Exploit
  • EPSS 9.8%
  • Veröffentlicht 10.11.2014 11:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c.