Redhat

Enterprise Linux

1857 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Medienbericht
  • EPSS 95.71%
  • Veröffentlicht 01.09.2016 00:59:00
  • Zuletzt bearbeitet 29.05.2026 21:16:27

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birth...

Exploit
  • EPSS 7.5%
  • Veröffentlicht 07.08.2016 10:59:13
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based ...

  • EPSS 3.76%
  • Veröffentlicht 21.07.2016 10:14:57
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related...

  • EPSS 0.36%
  • Veröffentlicht 21.07.2016 10:12:25
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Option.

  • EPSS 3.53%
  • Veröffentlicht 21.07.2016 10:12:16
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related...

Exploit
  • EPSS 40.54%
  • Veröffentlicht 06.07.2016 14:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of ser...

  • EPSS 5.52%
  • Veröffentlicht 27.06.2016 10:59:11
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.

  • EPSS 0.58%
  • Veröffentlicht 27.06.2016 10:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a craft...

  • EPSS 0.36%
  • Veröffentlicht 09.06.2016 16:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261.

  • EPSS 8.49%
  • Veröffentlicht 09.06.2016 16:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow.