Redhat

Enterprise Linux Server

1891 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2014-3468

  • EPSS 6.27%
  • Veröffentlicht 05.06.2014 20:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.

5

CVE-2014-3469

  • EPSS 4.68%
  • Veröffentlicht 05.06.2014 20:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument.

7.5

CVE-2014-0130

Warnung
  • EPSS 43.67%
  • Veröffentlicht 07.05.2014 10:55:04
  • Zuletzt bearbeitet 22.10.2025 01:15:53

Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, ...

2.1

CVE-2014-0189

  • EPSS 0.07%
  • Veröffentlicht 02.05.2014 14:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

virt-who uses world-readable permissions for /etc/sysconfig/virt-who, which allows local users to obtain password for hypervisors by reading the file.

6.1

CVE-2014-1530

  • EPSS 0.87%
  • Veröffentlicht 30.04.2014 10:49:05
  • Zuletzt bearbeitet 25.11.2025 17:50:16

The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-si...

9.3

CVE-2014-1531

Exploit
  • EPSS 5.09%
  • Veröffentlicht 30.04.2014 10:49:05
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary co...

9.8

CVE-2014-1532

Exploit
  • EPSS 4.89%
  • Veröffentlicht 30.04.2014 10:49:05
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute a...

9.3

CVE-2014-1518

Exploit
  • EPSS 2.82%
  • Veröffentlicht 30.04.2014 10:49:04
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and app...

6.5

CVE-2014-1523

  • EPSS 0.54%
  • Veröffentlicht 30.04.2014 10:49:04
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and applicat...

9.8

CVE-2014-1524

Exploit
  • EPSS 6.41%
  • Veröffentlicht 30.04.2014 10:49:04
  • Zuletzt bearbeitet 25.11.2025 17:50:16

The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers...