Redhat

Enterprise Linux Server

1890 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2015-5194

  • EPSS 15.51%
  • Published 21.07.2017 14:29:00
  • Last modified 20.04.2025 01:37:25

The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

7.5

CVE-2015-5195

  • EPSS 13.72%
  • Published 21.07.2017 14:29:00
  • Last modified 20.04.2025 01:37:25

ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation.

7.5

CVE-2015-5219

  • EPSS 4.21%
  • Published 21.07.2017 14:29:00
  • Last modified 20.04.2025 01:37:25

The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

7.5

CVE-2015-5300

  • EPSS 34.23%
  • Published 21.07.2017 14:29:00
  • Last modified 20.04.2025 01:37:25

The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option,...

7.5

CVE-2017-11468

  • EPSS 0.25%
  • Published 20.07.2017 23:29:00
  • Last modified 20.04.2025 01:37:25

Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumption) via the manifest endpoint.

7.5

CVE-2017-10978

  • EPSS 3.31%
  • Published 17.07.2017 17:29:00
  • Last modified 20.04.2025 01:37:25

An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service.

7.5

CVE-2017-1000050

  • EPSS 1.61%
  • Published 17.07.2017 13:18:17
  • Last modified 20.04.2025 01:37:25

JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed to check to see if the image contained at least one component resulting in a denial-of-service.

9.1

CVE-2017-9788

  • EPSS 50.38%
  • Published 13.07.2017 16:29:00
  • Last modified 20.04.2025 01:37:25

In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial ke...

6.5

CVE-2017-9775

  • EPSS 0.78%
  • Published 22.06.2017 21:29:00
  • Last modified 20.04.2025 01:37:25

Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document.

7.8

CVE-2017-9776

  • EPSS 1.25%
  • Published 22.06.2017 21:29:00
  • Last modified 20.04.2025 01:37:25

Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.