Redhat

Enterprise Linux Server

1891 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2019-3863

  • EPSS 8.76%
  • Veröffentlicht 25.03.2019 18:29:01
  • Zuletzt bearbeitet 21.11.2024 04:42:44

A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bound...

9.1

CVE-2019-9948

Exploit
  • EPSS 0.94%
  • Veröffentlicht 23.03.2019 18:29:02
  • Zuletzt bearbeitet 21.11.2024 04:52:39

urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call...

9.3

CVE-2019-3855

  • EPSS 10.18%
  • Veröffentlicht 21.03.2019 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:42:43

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system wh...

5.5

CVE-2019-7222

Exploit
  • EPSS 0.04%
  • Veröffentlicht 21.03.2019 16:01:11
  • Zuletzt bearbeitet 21.11.2024 04:47:47

The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.

7.8

CVE-2019-7221

Exploit
  • EPSS 0.06%
  • Veröffentlicht 21.03.2019 16:01:10
  • Zuletzt bearbeitet 21.11.2024 04:47:46

The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.

5.5

CVE-2019-6454

Exploit
  • EPSS 0.11%
  • Veröffentlicht 21.03.2019 16:01:08
  • Zuletzt bearbeitet 21.11.2024 04:46:28

An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can expl...

7.8

CVE-2019-6116

Exploit
  • EPSS 69.3%
  • Veröffentlicht 21.03.2019 16:01:07
  • Zuletzt bearbeitet 21.11.2024 04:45:58

In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.

7.5

CVE-2019-3816

  • EPSS 0.98%
  • Veröffentlicht 14.03.2019 22:29:01
  • Zuletzt bearbeitet 21.11.2024 04:42:36

Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a sp...

9.8

CVE-2019-9636

  • EPSS 5.63%
  • Veröffentlicht 08.03.2019 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:01

Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a ...

9.8

CVE-2018-12405

  • EPSS 10.62%
  • Veröffentlicht 28.02.2019 18:29:01
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to r...