Redhat

Enterprise Linux

1857 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Warnung Exploit
  • EPSS 22.48%
  • Veröffentlicht 07.05.2014 10:55:04
  • Zuletzt bearbeitet 21.04.2026 20:07:27

The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or ...

  • EPSS 0.71%
  • Veröffentlicht 18.04.2014 14:55:25
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow.

Exploit
  • EPSS 0.49%
  • Veröffentlicht 01.04.2014 06:35:52
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest crash) via a crafted SAI READ CAPACITY SCSI command....

  • EPSS 0.34%
  • Veröffentlicht 31.03.2014 14:58:45
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Luci in Red Hat Conga does not properly enforce the user session timeout, which might allow attackers to gain access to the session by reading the __ac session cookie. NOTE: this issue has been SPLIT due to different vulnerability types. Use CVE-201...

  • EPSS 0.34%
  • Veröffentlicht 31.03.2014 14:58:43
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Luci in Red Hat Conga stores the user's username and password in a Base64 encoded string in the __ac session cookie, which allows attackers to gain privileges by accessing this cookie. NOTE: this issue has been SPLIT due to different vulnerability t...

  • EPSS 0.62%
  • Veröffentlicht 26.03.2014 14:55:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle vhost_get_vq_desc errors, which allows guest OS users to cause...

  • EPSS 2.26%
  • Veröffentlicht 26.02.2014 15:55:08
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Buffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-passthru.c in QEMU before 0.15.2 and 1.x before 1.0-rc4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VSC...

  • EPSS 4.03%
  • Veröffentlicht 20.02.2014 15:27:09
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.17, 4.0.x before 4.0.3, and 4.1.x before 4.1.0.beta2 allow remote attackers to inject arbitrary web script or HTML ...

Exploit
  • EPSS 2.23%
  • Veröffentlicht 10.02.2014 18:15:10
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection ...

  • EPSS 2.09%
  • Veröffentlicht 10.02.2014 18:15:10
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection ...