Redhat

Enterprise Linux

1857 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 89.04%
  • Veröffentlicht 17.04.2017 21:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

  • EPSS 2.67%
  • Veröffentlicht 12.04.2017 20:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9.

  • EPSS 0.94%
  • Veröffentlicht 03.03.2017 11:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection...

  • EPSS 0.35%
  • Veröffentlicht 13.02.2017 18:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.

  • EPSS 4.39%
  • Veröffentlicht 13.02.2017 18:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.

  • EPSS 0.4%
  • Veröffentlicht 22.12.2016 21:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted ...

  • EPSS 1.9%
  • Veröffentlicht 22.12.2016 21:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code.

Warnung Exploit
  • EPSS 83.52%
  • Veröffentlicht 10.11.2016 21:59:00
  • Zuletzt bearbeitet 21.04.2026 17:43:46

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in Oc...

  • EPSS 0.85%
  • Veröffentlicht 25.10.2016 14:29:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks.

Exploit
  • EPSS 67.73%
  • Veröffentlicht 20.09.2016 18:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow loc...