Redhat

Enterprise Linux Workstation

1845 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2014-4344

  • EPSS 6.99%
  • Veröffentlicht 14.08.2014 05:01:49
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) ...

5

CVE-2014-4341

  • EPSS 12.61%
  • Veröffentlicht 20.07.2014 11:12:50
  • Zuletzt bearbeitet 12.04.2025 10:46:40

MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session.

5

CVE-2014-4342

  • EPSS 7.31%
  • Veröffentlicht 20.07.2014 11:12:50
  • Zuletzt bearbeitet 12.04.2025 10:46:40

MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session.

10

CVE-2014-0247

  • EPSS 7.12%
  • Veröffentlicht 03.07.2014 17:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

LibreOffice 4.2.4 executes unspecified VBA macros automatically, which has unspecified impact and attack vectors, possibly related to doc/docmacromode.cxx.

1.9

CVE-2014-4652

  • EPSS 0.05%
  • Veröffentlicht 03.07.2014 04:22:15
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive information from kernel memory b...

4.6

CVE-2014-4656

  • EPSS 0.08%
  • Veröffentlicht 03.07.2014 04:22:15
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to (1) index values in the snd_ctl...

5

CVE-2014-3467

  • EPSS 6.62%
  • Veröffentlicht 05.06.2014 20:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data.

7.5

CVE-2014-3468

  • EPSS 6.27%
  • Veröffentlicht 05.06.2014 20:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.

5

CVE-2014-3469

  • EPSS 4.68%
  • Veröffentlicht 05.06.2014 20:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument.

2.1

CVE-2014-0189

  • EPSS 0.07%
  • Veröffentlicht 02.05.2014 14:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

virt-who uses world-readable permissions for /etc/sysconfig/virt-who, which allows local users to obtain password for hypervisors by reading the file.