Redhat

Enterprise Linux Server

1890 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2019-5544

Warnung
  • EPSS 93.04%
  • Veröffentlicht 06.12.2019 16:15:11
  • Zuletzt bearbeitet 07.02.2025 14:59:31

OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.

5.3

CVE-2011-2515

  • EPSS 0.17%
  • Veröffentlicht 27.11.2019 21:15:12
  • Zuletzt bearbeitet 21.11.2024 01:28:26

PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code.

7.8

CVE-2019-10216

  • EPSS 0.53%
  • Veröffentlicht 27.11.2019 13:15:10
  • Zuletzt bearbeitet 21.11.2024 04:18:40

In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that coul...

8.8

CVE-2019-13723

  • EPSS 4.73%
  • Veröffentlicht 25.11.2019 15:15:34
  • Zuletzt bearbeitet 21.11.2024 04:25:34

Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

5.5

CVE-2012-6136

  • EPSS 0.03%
  • Veröffentlicht 20.11.2019 15:15:11
  • Zuletzt bearbeitet 21.11.2024 01:45:53

tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes.

6.5

CVE-2018-12207

  • EPSS 0.26%
  • Veröffentlicht 14.11.2019 20:15:11
  • Zuletzt bearbeitet 21.11.2024 03:44:45

Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

6.5

CVE-2019-11135

  • EPSS 0.24%
  • Veröffentlicht 14.11.2019 19:15:13
  • Zuletzt bearbeitet 21.11.2024 04:20:35

TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

7.5

CVE-2019-6470

Exploit
  • EPSS 0.27%
  • Veröffentlicht 01.11.2019 23:15:10
  • Zuletzt bearbeitet 11.04.2025 14:55:14

There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function...

9.8

CVE-2019-11043

Warnung Exploit
  • EPSS 94.11%
  • Veröffentlicht 28.10.2019 15:15:13
  • Zuletzt bearbeitet 14.02.2025 16:43:36

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the p...

7.5

CVE-2019-17596

Exploit
  • EPSS 2.34%
  • Veröffentlicht 24.10.2019 22:15:10
  • Zuletzt bearbeitet 21.11.2024 04:32:36

Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.