Redhat

Enterprise Linux Server

1890 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2017-3167

  • EPSS 9.44%
  • Veröffentlicht 20.06.2017 01:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.

7.5

CVE-2017-7668

  • EPSS 65.46%
  • Veröffentlicht 20.06.2017 01:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacke...

7.8

CVE-2017-1000366

  • EPSS 7.81%
  • Veröffentlicht 19.06.2017 16:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made t...

7.5

CVE-2016-3099

  • EPSS 0.28%
  • Veröffentlicht 08.06.2017 19:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to force the use of ciphers that were not intended to be enabled.

7.5

CVE-2016-4992

  • EPSS 0.33%
  • Veröffentlicht 08.06.2017 19:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer th...

9.8

CVE-2016-5405

  • EPSS 0.59%
  • Veröffentlicht 08.06.2017 19:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to obtain u...

7.5

CVE-2016-5416

  • EPSS 0.3%
  • Veröffentlicht 08.06.2017 19:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to read the...

9.8

CVE-2016-7050

  • EPSS 1.08%
  • Veröffentlicht 08.06.2017 19:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execute arbitrary code.

6.8

CVE-2017-9461

Exploit
  • EPSS 4.03%
  • Veröffentlicht 06.06.2017 21:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks.

9

CVE-2017-9462

  • EPSS 48.7%
  • Veröffentlicht 06.06.2017 21:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name.