CVE-2019-5544
- EPSS 93.04%
- Published 06.12.2019 16:15:11
- Last modified 07.02.2025 14:59:31
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
CVE-2011-2515
- EPSS 0.17%
- Published 27.11.2019 21:15:12
- Last modified 21.11.2024 01:28:26
PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed, which may allow installation of non-trusted packages and execution of arbitrary code.
CVE-2019-10216
- EPSS 0.53%
- Published 27.11.2019 13:15:10
- Last modified 21.11.2024 04:18:40
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that coul...
CVE-2019-13723
- EPSS 4.73%
- Published 25.11.2019 15:15:34
- Last modified 21.11.2024 04:25:34
Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2012-6136
- EPSS 0.03%
- Published 20.11.2019 15:15:11
- Last modified 21.11.2024 01:45:53
tuned 2.10.0 creates its PID file with insecure permissions, which allows local users to kill arbitrary processes.
CVE-2018-12207
- EPSS 0.26%
- Published 14.11.2019 20:15:11
- Last modified 21.11.2024 03:44:45
Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.
CVE-2019-11135
- EPSS 0.24%
- Published 14.11.2019 19:15:13
- Last modified 21.11.2024 04:20:35
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
CVE-2019-6470
- EPSS 0.27%
- Published 01.11.2019 23:15:10
- Last modified 11.04.2025 14:55:14
There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function...
CVE-2019-11043
- EPSS 94.11%
- Published 28.10.2019 15:15:13
- Last modified 14.02.2025 16:43:36
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the p...
CVE-2019-17596
- EPSS 2.34%
- Published 24.10.2019 22:15:10
- Last modified 21.11.2024 04:32:36
Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.