Redhat

Enterprise Linux Server

1890 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2018-16541

  • EPSS 0.45%
  • Veröffentlicht 05.09.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:52:56

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter.

5.5

CVE-2018-16542

  • EPSS 0.43%
  • Veröffentlicht 05.09.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:52:56

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter.

9.3

CVE-2018-16509

Exploit
  • EPSS 91.74%
  • Veröffentlicht 05.09.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 03:52:52

An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instr...

7.8

CVE-2018-16511

  • EPSS 0.37%
  • Veröffentlicht 05.09.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 03:52:52

An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact.

8.8

CVE-2018-10929

  • EPSS 0.86%
  • Veröffentlicht 04.09.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:19

A flaw was found in RPC request using gfs2_create_req in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes.

6.5

CVE-2018-10930

  • EPSS 0.63%
  • Veröffentlicht 04.09.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:19

A flaw was found in RPC request using gfs3_rename_req in glusterfs server. An authenticated attacker could use this flaw to write to a destination outside the gluster volume.

8.8

CVE-2018-10926

  • EPSS 0.79%
  • Veröffentlicht 04.09.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:19

A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node.

8.1

CVE-2018-10927

  • EPSS 1.36%
  • Veröffentlicht 04.09.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:19

A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. An authenticated attacker could use this flaw to leak information and execute remote denial of service by crashing gluster brick process.

8.8

CVE-2018-10928

  • EPSS 0.85%
  • Veröffentlicht 04.09.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:19

A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing any...

7.5

CVE-2018-10911

  • EPSS 4.26%
  • Veröffentlicht 04.09.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:17

A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value.