Redhat

Enterprise Linux Server

1890 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2018-10913

  • EPSS 0.94%
  • Published 04.09.2018 14:29:00
  • Last modified 21.11.2024 03:42:17

An information disclosure vulnerability was discovered in glusterfs server. An attacker could issue a xattr request via glusterfs FUSE to determine the existence of any file.

6.5

CVE-2018-10914

  • EPSS 3.87%
  • Published 04.09.2018 14:29:00
  • Last modified 21.11.2024 03:42:17

It was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick process to crash which will result in a remote denial of service. If gluster multiplexing is enabled this will result in a crash of multiple bricks an...

8.1

CVE-2018-10923

  • EPSS 0.91%
  • Published 04.09.2018 14:29:00
  • Last modified 21.11.2024 03:42:18

It was found that the "mknod" call derived from mknod(2) can create files pointing to devices on a glusterfs server node. An authenticated attacker could use this to create an arbitrary device and read data from any device attached to the glusterfs s...

8.8

CVE-2018-10907

  • EPSS 2.11%
  • Published 04.09.2018 13:29:11
  • Last modified 21.11.2024 03:42:16

It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca(3)'. An authenticated attacker could exploit this by mounting a gluster volume...

8.8

CVE-2018-10904

  • EPSS 1.26%
  • Published 04.09.2018 13:29:09
  • Last modified 21.11.2024 03:42:16

It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats" translator. Attacker can use this flaw to create files and execute arbitrary code. To exp...

5.5

CVE-2018-16435

Exploit
  • EPSS 0.43%
  • Published 04.09.2018 00:29:02
  • Last modified 21.11.2024 03:52:44

Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile...

9.8

CVE-2018-16402

Exploit
  • EPSS 1.52%
  • Published 03.09.2018 19:29:00
  • Last modified 21.11.2024 03:52:40

libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice.

9.8

CVE-2018-12825

  • EPSS 1.35%
  • Published 29.08.2018 13:29:01
  • Last modified 21.11.2024 03:45:53

Adobe Flash Player 30.0.0.134 and earlier have a security bypass vulnerability. Successful exploitation could lead to security mitigation bypass.

7.5

CVE-2018-12826

  • EPSS 2.08%
  • Published 29.08.2018 13:29:01
  • Last modified 21.11.2024 03:45:53

Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

7.5

CVE-2018-12827

Exploit
  • EPSS 8.65%
  • Published 29.08.2018 13:29:01
  • Last modified 21.11.2024 03:45:54

Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.