Redhat

Enterprise Linux Server

1890 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2018-14652

  • EPSS 2.78%
  • Published 31.10.2018 19:29:00
  • Last modified 21.11.2024 03:49:30

The Gluster file system through versions 3.12 and 4.1.4 is vulnerable to a buffer overflow in the 'features/index' translator via the code handling the 'GF_XATTR_CLRLK_CMD' xattr in the 'pl_getxattr' function. A remote authenticated attacker could ex...

8.8

CVE-2018-14653

  • EPSS 0.88%
  • Published 31.10.2018 19:29:00
  • Last modified 21.11.2024 03:49:30

The Gluster file system through versions 4.1.4 and 3.12 is vulnerable to a heap-based buffer overflow in the '__server_getspec' function via the 'gf_getspec_req' RPC message. A remote authenticated attacker could exploit this to cause a denial of ser...

8.5

CVE-2018-14654

  • EPSS 2.09%
  • Published 31.10.2018 19:29:00
  • Last modified 21.11.2024 03:49:31

The Gluster file system through version 4.1.4 is vulnerable to abuse of the 'features/index' translator. A remote attacker with access to mount volumes could exploit this via the 'GF_XATTROP_ENTRY_IN_KEY' xattrop to create arbitrary, empty files on t...

6.5

CVE-2018-14659

  • EPSS 2.59%
  • Published 31.10.2018 19:29:00
  • Last modified 21.11.2024 03:49:31

The Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable to a denial of service attack via use of the 'GF_XATTR_IOSTATS_DUMP_KEY' xattr. A remote, authenticated attacker could exploit this by mounting a Gluster volume and repeatedly cal...

8.8

CVE-2018-15688

  • EPSS 0.73%
  • Published 26.10.2018 14:29:00
  • Last modified 09.06.2025 16:15:28

A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.

7.2

CVE-2018-14665

Exploit
  • EPSS 3.8%
  • Published 25.10.2018 20:29:00
  • Last modified 29.08.2025 13:42:30

A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate the...

4.3

CVE-2018-18585

Exploit
  • EPSS 0.48%
  • Published 23.10.2018 02:29:00
  • Last modified 21.11.2024 03:56:12

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).

8.1

CVE-2018-18559

Exploit
  • EPSS 1.14%
  • Published 22.10.2018 16:29:00
  • Last modified 21.11.2024 03:56:09

In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a ra...

8.6

CVE-2018-18284

Exploit
  • EPSS 0.22%
  • Published 19.10.2018 22:29:01
  • Last modified 21.11.2024 03:55:38

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.

6.5

CVE-2018-18520

Exploit
  • EPSS 1.16%
  • Published 19.10.2018 17:29:00
  • Last modified 21.11.2024 03:56:05

An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes the outer ar file before handling all inner entrie...