Redhat

Enterprise Linux

1857 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.68%
  • Veröffentlicht 30.09.2013 21:55:09
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated users to cause a denial of service (uninitialized po...

  • EPSS 0.56%
  • Veröffentlicht 23.09.2013 20:55:07
  • Zuletzt bearbeitet 29.04.2026 01:13:23

cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/.

  • EPSS 4.31%
  • Veröffentlicht 16.09.2013 13:02:34
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity...

  • EPSS 2.61%
  • Veröffentlicht 19.08.2013 23:55:08
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The Intel drivers in Mesa 8.0.x and 9.0.x allow context-dependent attackers to cause a denial of service (reachable assertion and crash) and possibly execute arbitrary code via vectors involving 3d graphics that trigger an out-of-bounds array access,...

  • EPSS 3.59%
  • Veröffentlicht 18.08.2013 02:52:23
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-...

  • EPSS 69.01%
  • Veröffentlicht 06.08.2013 02:56:00
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.

Exploit
  • EPSS 11.12%
  • Veröffentlicht 31.07.2013 13:20:25
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string endi...

  • EPSS 34.15%
  • Veröffentlicht 29.07.2013 13:59:37
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertio...

  • EPSS 0.45%
  • Veröffentlicht 16.07.2013 14:08:50
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows local users to gain privileges or obtain sensitive info...

  • EPSS 0.32%
  • Veröffentlicht 16.07.2013 14:08:50
  • Zuletzt bearbeitet 29.04.2026 01:13:23

A certain Red Hat patch to the do_filp_open function in fs/namei.c in the kernel package before 2.6.32-358.11.1.el6 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle failure to obtain write permissions, which allows local users to cause a...