Redhat

Enterprise Linux

1857 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 3.16%
  • Veröffentlicht 10.02.2014 18:15:10
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers...

Exploit
  • EPSS 0.47%
  • Veröffentlicht 08.02.2014 00:55:05
  • Zuletzt bearbeitet 29.04.2026 01:13:23

virt-v2v before 0.8.4 does not preserve the VNC console password when converting a guest, which allows local users to bypass the intended VNC authentication by connecting without a password.

  • EPSS 6.35%
  • Veröffentlicht 31.01.2014 23:55:04
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.

Exploit
  • EPSS 0.61%
  • Veröffentlicht 14.12.2013 18:08:45
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.

  • EPSS 4.07%
  • Veröffentlicht 12.12.2013 18:55:10
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Integer overflow in the load_image function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier, when used with glib before 2.24, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code ...

  • EPSS 4.19%
  • Veröffentlicht 12.12.2013 18:55:10
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an X Window Syste...

  • EPSS 2%
  • Veröffentlicht 12.12.2013 18:55:10
  • Zuletzt bearbeitet 29.04.2026 01:13:23

mod_nss 1.0.8 and earlier, when NSSVerifyClient is set to none for the server/vhost context, does not enforce the NSSVerifyClient setting in the directory context, which allows remote attackers to bypass intended access restrictions.

  • EPSS 1.81%
  • Veröffentlicht 06.12.2013 17:55:04
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Application Platform (EAP) before 6.2.0, does not properly enforce the method level restrictions for JAX-WS Service endpoints, which allows remote authenticated...

Exploit
  • EPSS 0.41%
  • Veröffentlicht 23.11.2013 18:55:04
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The clone_file function in transfer.c in Augeas before 1.0.0, when copy_if_rename_fails is set and EXDEV or EBUSY is returned by the rename function, allows local users to overwrite arbitrary files and obtain sensitive information via a bind mount on...

Exploit
  • EPSS 7.24%
  • Veröffentlicht 23.11.2013 18:55:04
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the sort command, when using the (1) -d or (2) -M switch, which triggers a stack-based...