Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
15528 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-7500 | 6 Apple, Canonical, Debian and 3 more | 15 Iphone Os, Mac Os X, Tvos and 12 more | 2025-04-12 | N/A |
| The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags. | ||||
| CVE-2014-6468 | 2 Oracle, Redhat | 3 Jdk, Jre, Enterprise Linux | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Java SE 8u20 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||||
| CVE-2015-7499 | 7 Apple, Canonical, Debian and 4 more | 17 Iphone Os, Mac Os X, Tvos and 14 more | 2025-04-12 | N/A |
| Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors. | ||||
| CVE-2014-3185 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more | 2025-04-12 | N/A |
| Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with a bulk response. | ||||
| CVE-2015-4819 | 6 Canonical, Debian, Fedoraproject and 3 more | 16 Ubuntu Linux, Debian Linux, Fedora and 13 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs. | ||||
| CVE-2015-5214 | 5 Apache, Canonical, Debian and 2 more | 5 Openoffice, Ubuntu Linux, Debian Linux and 2 more | 2025-04-12 | N/A |
| LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file. | ||||
| CVE-2014-3618 | 3 Canonical, Procmail, Redhat | 3 Ubuntu Linux, Procmail, Enterprise Linux | 2025-04-12 | N/A |
| Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes." | ||||
| CVE-2015-5174 | 4 Apache, Canonical, Debian and 1 more | 6 Tomcat, Ubuntu Linux, Debian Linux and 3 more | 2025-04-12 | N/A |
| Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call, as demonstrated by the $CATALINA_BASE/webapps directory. | ||||
| CVE-2014-9660 | 7 Canonical, Debian, Fedoraproject and 4 more | 13 Ubuntu Linux, Debian Linux, Fedora and 10 more | 2025-04-12 | N/A |
| The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font. | ||||
| CVE-2016-1577 | 3 Canonical, Jasper Project, Redhat | 3 Ubuntu Linux, Jasper, Enterprise Linux | 2025-04-12 | N/A |
| Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vulnerability than CVE-2014-8137. | ||||
| CVE-2016-5699 | 2 Python, Redhat | 3 Python, Enterprise Linux, Rhel Software Collections | 2025-04-12 | N/A |
| CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL. | ||||
| CVE-2015-7182 | 3 Mozilla, Oracle, Redhat | 11 Firefox, Network Security Services, Glassfish Server and 8 more | 2025-04-12 | N/A |
| Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data. | ||||
| CVE-2014-3690 | 7 Canonical, Debian, Linux and 4 more | 11 Ubuntu Linux, Debian Linux, Linux Kernel and 8 more | 2025-04-12 | 5.5 Medium |
| arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU. | ||||
| CVE-2014-3467 | 5 Debian, F5, Gnu and 2 more | 17 Debian Linux, Arx, Arx Firmware and 14 more | 2025-04-12 | N/A |
| Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data. | ||||
| CVE-2014-0069 | 3 Linux, Redhat, Suse | 11 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 8 more | 2025-04-12 | N/A |
| The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer. | ||||
| CVE-2013-7424 | 2 Gnu, Redhat | 2 Glibc, Enterprise Linux | 2025-04-12 | N/A |
| The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly execute arbitrary code via unspecified vectors, as demonstrated by an internationalized domain name to ping6. | ||||
| CVE-2014-8500 | 2 Isc, Redhat | 3 Bind, Enterprise Linux, Rhel Aus | 2025-04-12 | N/A |
| ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals. | ||||
| CVE-2012-2150 | 2 Redhat, Sgi | 2 Enterprise Linux, Xfsprogs | 2025-04-12 | N/A |
| xfs_metadump in xfsprogs before 3.2.4 does not properly obfuscate file data, which allows remote attackers to obtain sensitive information by reading a generated image. | ||||
| CVE-2014-3505 | 2 Openssl, Redhat | 5 Openssl, Enterprise Linux, Jboss Enterprise Application Platform and 2 more | 2025-04-12 | N/A |
| Double free vulnerability in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (application crash) via crafted DTLS packets that trigger an error condition. | ||||
| CVE-2014-3693 | 4 Canonical, Libreoffice, Opensuse and 1 more | 7 Ubuntu Linux, Libreoffice, Opensuse and 4 more | 2025-04-12 | N/A |
| Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599. | ||||