Redhat

Enterprise Linux Server

1890 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2017-13077

  • EPSS 0.77%
  • Veröffentlicht 17.10.2017 02:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

9.8

CVE-2017-0903

  • EPSS 4.9%
  • Veröffentlicht 11.10.2017 18:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalat...

9.8

CVE-2017-15041

  • EPSS 6.02%
  • Veröffentlicht 05.10.2017 21:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but example.com/pkg1/pkg2 points to a Git repository. I...

7.8

CVE-2017-1000111

  • EPSS 0.1%
  • Veröffentlicht 05.10.2017 01:29:04
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_...

7.5

CVE-2017-1000115

  • EPSS 2.14%
  • Veröffentlicht 05.10.2017 01:29:04
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository

10

CVE-2017-1000116

  • EPSS 2.4%
  • Veröffentlicht 05.10.2017 01:29:04
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks.

8.1

CVE-2017-12617

Warnung Exploit
  • EPSS 94.37%
  • Veröffentlicht 04.10.2017 01:29:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload ...

9.8

CVE-2017-14491

Exploit
  • EPSS 60.19%
  • Veröffentlicht 04.10.2017 01:29:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

9.8

CVE-2017-14492

  • EPSS 92.64%
  • Veröffentlicht 03.10.2017 01:29:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.

9.8

CVE-2017-14493

Exploit
  • EPSS 5.62%
  • Veröffentlicht 03.10.2017 01:29:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.