Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
15532 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-1998 | 2 Redhat, X.org | 2 Enterprise Linux, Libxi | 2025-04-11 | N/A |
| Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions. | ||||
| CVE-2013-2002 | 2 Redhat, X | 2 Enterprise Linux, Libxt | 2025-04-11 | N/A |
| Buffer overflow in X.org libXt 1.1.3 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the _XtResourceConfigurationEH function. | ||||
| CVE-2013-2005 | 2 Redhat, X | 2 Enterprise Linux, Libxt | 2025-04-11 | N/A |
| X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut, (4) HandleNormal, and (5) HandleSelectionReplies functions. | ||||
| CVE-2013-2062 | 2 Redhat, X | 2 Enterprise Linux, Libxp | 2025-04-11 | N/A |
| Multiple integer overflows in X.org libXp 1.0.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XpGetAttributes, (2) XpGetOneAttribute, (3) XpGetPrinterList, and (4) XpQueryScreens functions. | ||||
| CVE-2013-2066 | 3 Redhat, X, X.org | 3 Enterprise Linux, Libxv, Libxv | 2025-04-11 | N/A |
| Buffer overflow in X.org libXv 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvQueryPortAttributes function. | ||||
| CVE-2013-0871 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more | 2025-04-11 | N/A |
| Race condition in the ptrace functionality in the Linux kernel before 3.7.5 allows local users to gain privileges via a PTRACE_SETREGS ptrace system call in a crafted application, as demonstrated by ptrace_death. | ||||
| CVE-2012-1015 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2025-04-11 | N/A |
| The kdc_handle_protected_negotiation function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x before 1.9.5, and 1.10.x before 1.10.3 attempts to calculate a checksum before verifying that the key type is appropriate for a checksum, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free, heap memory corruption, and daemon crash) via a crafted AS-REQ request. | ||||
| CVE-2011-1530 | 2 Mit, Redhat | 2 Mit Kerberos, Enterprise Linux | 2025-04-11 | N/A |
| The process_tgs_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS request that triggers an error other than the KRB5_KDB_NOENTRY error. | ||||
| CVE-2012-0066 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2025-04-11 | N/A |
| Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a (1) Accellent 5Views (aka .5vw) file, (2) I4B trace file, or (3) NETMON 2 capture file. | ||||
| CVE-2011-1529 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2025-04-11 | N/A |
| The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 (aka Berkeley DB) or LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger certain process_as_req errors. | ||||
| CVE-2011-1528 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2025-04-11 | N/A |
| The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, related to the locked_check_p function. NOTE: the Berkeley DB vector is covered by CVE-2011-4151. | ||||
| CVE-2011-0284 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2025-04-11 | N/A |
| Double free vulnerability in the prepare_error_as function in do_as_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 through 1.9, when the PKINIT feature is enabled, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via an e_data field containing typed data. | ||||
| CVE-2010-0307 | 4 Canonical, Debian, Linux and 1 more | 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more | 2025-04-11 | N/A |
| The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function. | ||||
| CVE-2011-0282 | 2 Mit, Redhat | 3 Kerberos, Kerberos 5, Enterprise Linux | 2025-04-11 | N/A |
| The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name. | ||||
| CVE-2010-4022 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2025-04-11 | N/A |
| The do_standalone function in the MIT krb5 KDC database propagation daemon (kpropd) in Kerberos 1.7, 1.8, and 1.9, when running in standalone mode, does not properly handle when a worker child process "exits abnormally," which allows remote attackers to cause a denial of service (listening process termination, no new connections, and lack of updates in slave KVC) via unspecified vectors. | ||||
| CVE-2010-1322 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2025-04-11 | N/A |
| The merge_authdata function in kdc_authdata.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x before 1.8.4 does not properly manage an index into an authorization-data list, which allows remote attackers to cause a denial of service (daemon crash), or possibly obtain sensitive information, spoof authorization, or execute arbitrary code, via a TGS request that triggers an uninitialized pointer dereference, as demonstrated by a request from a Windows Active Directory client. | ||||
| CVE-2010-1321 | 8 Canonical, Debian, Fedoraproject and 5 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2025-04-11 | N/A |
| The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing. | ||||
| CVE-2013-0389 | 4 Canonical, Mariadb, Oracle and 1 more | 4 Ubuntu Linux, Mariadb, Mysql and 1 more | 2025-04-11 | N/A |
| Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. | ||||
| CVE-2013-5891 | 5 Canonical, Debian, Mariadb and 2 more | 9 Ubuntu Linux, Debian Linux, Mariadb and 6 more | 2025-04-11 | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition. | ||||
| CVE-2012-1705 | 4 Canonical, Mariadb, Oracle and 1 more | 8 Ubuntu Linux, Mariadb, Mysql and 5 more | 2025-04-11 | N/A |
| Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. | ||||