Redhat

Enterprise Linux

1730 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2013-1857

  • EPSS 0.63%
  • Veröffentlicht 19.03.2013 22:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The sanitize helper in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle encoded : (colon) characte...

1.9

CVE-2012-6537

  • EPSS 0.11%
  • Veröffentlicht 15.03.2013 20:55:07
  • Zuletzt bearbeitet 11.04.2025 00:51:21

net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.

1.9

CVE-2012-6538

  • EPSS 0.08%
  • Veröffentlicht 15.03.2013 20:55:07
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NE...

1.9

CVE-2012-6542

  • EPSS 0.12%
  • Veröffentlicht 15.03.2013 20:55:07
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that le...

1.9

CVE-2012-6544

  • EPSS 0.1%
  • Veröffentlicht 15.03.2013 20:55:07
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2)...

1.9

CVE-2012-6545

  • EPSS 0.1%
  • Veröffentlicht 15.03.2013 20:55:07
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application.

1.9

CVE-2012-6546

  • EPSS 0.02%
  • Veröffentlicht 15.03.2013 20:55:07
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

1.9

CVE-2012-6548

  • EPSS 0.04%
  • Veröffentlicht 15.03.2013 20:55:07
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.

1.9

CVE-2013-0200

  • EPSS 0.08%
  • Veröffentlicht 06.03.2013 20:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc_#.bmp, (2) /tmp/hpcupsfilterk_#.bmp, (3) /tmp/hpcups_job#.out, (4) /tmp/hpijs_#####.out, or (5) /t...

3.6

CVE-2011-1182

Exploit
  • EPSS 0.08%
  • Veröffentlicht 01.03.2013 12:37:53
  • Zuletzt bearbeitet 11.04.2025 00:51:21

kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a signal sender via a sigqueueinfo system call.