Redhat

Enterprise Linux Workstation

1845 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2016-3717

  • EPSS 26.22%
  • Veröffentlicht 05.05.2016 18:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.

4.3

CVE-2016-3716

Exploit
  • EPSS 17.35%
  • Veröffentlicht 05.05.2016 18:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.

5.8

CVE-2016-3715

Warnung Exploit
  • EPSS 79.8%
  • Veröffentlicht 05.05.2016 18:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.

7.8

CVE-2016-2109

  • EPSS 57.94%
  • Veröffentlicht 05.05.2016 01:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory consumption) via a short invalid encoding.

10

CVE-2016-2108

  • EPSS 56.36%
  • Veröffentlicht 05.05.2016 01:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "ne...

5.9

CVE-2016-2107

  • EPSS 79.14%
  • Veröffentlicht 05.05.2016 01:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against...

7.5

CVE-2016-2106

  • EPSS 63.02%
  • Veröffentlicht 05.05.2016 01:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.

7.5

CVE-2016-2105

  • EPSS 50.8%
  • Veröffentlicht 05.05.2016 01:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.

10

CVE-2016-3427

Warnung
  • EPSS 93.75%
  • Veröffentlicht 21.04.2016 11:00:21
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.

5.9

CVE-2016-0695

  • EPSS 2.92%
  • Veröffentlicht 21.04.2016 10:59:55
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.