Redhat

Enterprise Linux

1780 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2025-5917

  • EPSS 0.12%
  • Veröffentlicht 09.06.2025 19:49:13
  • Zuletzt bearbeitet 12.12.2025 01:15:46

A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can...

6.6

CVE-2025-5918

  • EPSS 0.11%
  • Veröffentlicht 09.06.2025 19:49:13
  • Zuletzt bearbeitet 15.08.2025 18:35:04

A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences,...

5.6

CVE-2025-5916

  • EPSS 0.1%
  • Veröffentlicht 09.06.2025 19:49:07
  • Zuletzt bearbeitet 12.12.2025 01:15:46

A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a...

6.6

CVE-2025-5915

  • EPSS 0.09%
  • Veröffentlicht 09.06.2025 19:49:02
  • Zuletzt bearbeitet 08.01.2026 04:15:55

A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to r...

6.5

CVE-2025-47711

  • EPSS 0.31%
  • Veröffentlicht 09.06.2025 06:03:47
  • Zuletzt bearbeitet 08.01.2026 04:15:53

There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit ser...

4.7

CVE-2025-4598

Exploit
  • EPSS 0.11%
  • Veröffentlicht 30.05.2025 13:13:26
  • Zuletzt bearbeitet 12.05.2026 13:17:21

A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, suc...

6.5

CVE-2025-4478

  • EPSS 0.36%
  • Veröffentlicht 16.05.2025 14:22:17
  • Zuletzt bearbeitet 21.01.2026 14:16:05

A flaw was found in the FreeRDP used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot ...

7.5

CVE-2025-3891

  • EPSS 1.33%
  • Veröffentlicht 29.04.2025 11:56:50
  • Zuletzt bearbeitet 28.07.2025 14:15:27

A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes c...

5.5

CVE-2025-46400

Exploit
  • EPSS 0.14%
  • Veröffentlicht 23.04.2025 20:55:17
  • Zuletzt bearbeitet 08.01.2026 04:15:53

In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via read_arcobject function.

5.5

CVE-2025-46399

Exploit
  • EPSS 0.14%
  • Veröffentlicht 23.04.2025 20:55:15
  • Zuletzt bearbeitet 08.01.2026 04:15:53

A flaw was found in fig2dev. This vulnerability allows availability via local input manipulation via genge_itp_spline function.