Redhat

Enterprise Linux Server

1890 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2017-13077

  • EPSS 0.77%
  • Published 17.10.2017 02:29:00
  • Last modified 20.04.2025 01:37:25

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

9.8

CVE-2017-0903

  • EPSS 4.9%
  • Published 11.10.2017 18:29:00
  • Last modified 20.04.2025 01:37:25

RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalat...

9.8

CVE-2017-15041

  • EPSS 6.02%
  • Published 05.10.2017 21:29:00
  • Last modified 20.04.2025 01:37:25

Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but example.com/pkg1/pkg2 points to a Git repository. I...

7.8

CVE-2017-1000111

  • EPSS 0.1%
  • Published 05.10.2017 01:29:04
  • Last modified 20.04.2025 01:37:25

Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_...

7.5

CVE-2017-1000115

  • EPSS 2.14%
  • Published 05.10.2017 01:29:04
  • Last modified 20.04.2025 01:37:25

Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository

10

CVE-2017-1000116

  • EPSS 2.4%
  • Published 05.10.2017 01:29:04
  • Last modified 20.04.2025 01:37:25

Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks.

8.1

CVE-2017-12617

Warning Exploit
  • EPSS 94.37%
  • Published 04.10.2017 01:29:02
  • Last modified 20.04.2025 01:37:25

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload ...

9.8

CVE-2017-14491

Exploit
  • EPSS 60.19%
  • Published 04.10.2017 01:29:02
  • Last modified 20.04.2025 01:37:25

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

9.8

CVE-2017-14492

  • EPSS 92.64%
  • Published 03.10.2017 01:29:02
  • Last modified 20.04.2025 01:37:25

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.

9.8

CVE-2017-14493

Exploit
  • EPSS 5.62%
  • Published 03.10.2017 01:29:02
  • Last modified 20.04.2025 01:37:25

Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.