CVE-2025-5915
- EPSS 0.04%
- Published 09.06.2025 19:49:02
- Last modified 08.01.2026 04:15:55
A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to r...
CVE-2025-47711
- EPSS 0.1%
- Published 09.06.2025 06:03:47
- Last modified 08.01.2026 04:15:53
There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit ser...
CVE-2025-4598
- EPSS 0.04%
- Published 30.05.2025 13:13:26
- Last modified 02.02.2026 10:16:05
A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, suc...
CVE-2025-4478
- EPSS 0.36%
- Published 16.05.2025 14:22:17
- Last modified 21.01.2026 14:16:05
A flaw was found in the FreeRDP used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot ...
CVE-2025-3891
- EPSS 1.33%
- Published 29.04.2025 11:56:50
- Last modified 28.07.2025 14:15:27
A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes c...
CVE-2025-46400
- EPSS 0.12%
- Published 23.04.2025 20:55:17
- Last modified 08.01.2026 04:15:53
In the xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to impact availability via local input manipulation in the read_arcobject function.
CVE-2025-46399
- EPSS 0.12%
- Published 23.04.2025 20:55:15
- Last modified 08.01.2026 04:15:53
A flaw was found in fig2dev. This vulnerability allows an impact on availability via local input manipulation in the genge_itp_spline function.
CVE-2025-46398
- EPSS 0.14%
- Published 23.04.2025 20:55:13
- Last modified 08.01.2026 04:15:53
In the xfig diagramming tool, a stack overflow while running fig2dev allows memory corruption via local input manipulation in the read_objects function.
CVE-2025-46397
- EPSS 0.06%
- Published 23.04.2025 20:55:09
- Last modified 19.01.2026 04:15:58
A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation in the bezier_spline function.
CVE-2025-3416
- EPSS 0.45%
- Published 08.04.2025 18:24:22
- Last modified 09.04.2025 20:02:41
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the in...