Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
15672 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-3465 | 2 Gnu, Redhat | 2 Gnutls, Enterprise Linux | 2025-04-12 | N/A |
| The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN. | ||||
| CVE-2015-4731 | 2 Oracle, Redhat | 6 Jdk, Jre, Enterprise Linux and 3 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. | ||||
| CVE-2014-0189 | 2 Redhat, Virt-who Project | 6 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Server and 3 more | 2025-04-12 | N/A |
| virt-who uses world-readable permissions for /etc/sysconfig/virt-who, which allows local users to obtain password for hypervisors by reading the file. | ||||
| CVE-2015-2666 | 3 Fedoraproject, Linux, Redhat | 4 Fedora, Linux Kernel, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to the initrd. | ||||
| CVE-2014-0186 | 1 Redhat | 1 Enterprise Linux | 2025-04-12 | N/A |
| A certain tomcat7 package for Apache Tomcat 7 in Red Hat Enterprise Linux (RHEL) 7 allows remote attackers to cause a denial of service (CPU consumption) via a crafted request. NOTE: this vulnerability exists because of an unspecified regression. | ||||
| CVE-2015-3230 | 2 Fedoraproject, Redhat | 2 389 Directory Server, Enterprise Linux | 2025-04-12 | N/A |
| 389 Directory Server (formerly Fedora Directory Server) before 1.3.3.12 does not enforce the nsSSL3Ciphers preference when creating an sslSocket, which allows remote attackers to have unspecified impact by requesting to use a disabled cipher. | ||||
| CVE-2015-1779 | 6 Canonical, Debian, Fedoraproject and 3 more | 12 Ubuntu Linux, Debian Linux, Fedora and 9 more | 2025-04-12 | 8.6 High |
| The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section. | ||||
| CVE-2014-0092 | 2 Gnu, Redhat | 5 Gnutls, Enterprise Linux, Rhel Els and 2 more | 2025-04-12 | N/A |
| lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. | ||||
| CVE-2014-3184 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-12 | N/A |
| The report_fixup functions in the HID subsystem in the Linux kernel before 3.16.2 might allow physically proximate attackers to cause a denial of service (out-of-bounds write) via a crafted device that provides a small report descriptor, related to (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3) drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5) drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c. | ||||
| CVE-2014-5472 | 2 Linux, Redhat | 6 Linux Kernel, Enterprise Linux, Enterprise Mrg and 3 more | 2025-04-12 | N/A |
| The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (unkillable mount process) via a crafted iso9660 image with a self-referential CL entry. | ||||
| CVE-2015-1815 | 3 Fedoraproject, Redhat, Selinux | 3 Fedora, Enterprise Linux, Setroubleshoot | 2025-04-12 | N/A |
| The get_rpm_nvr_by_file_path_temporary function in util.py in setroubleshoot before 3.2.22 allows remote attackers to execute arbitrary commands via shell metacharacters in a file name. | ||||
| CVE-2010-5313 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-12 | N/A |
| Race condition in arch/x86/kvm/x86.c in the Linux kernel before 2.6.38 allows L2 guest OS users to cause a denial of service (L1 guest OS crash) via a crafted instruction that triggers an L2 emulation failure report, a similar issue to CVE-2014-7842. | ||||
| CVE-2015-1821 | 3 Debian, Redhat, Tuxfamily | 3 Debian Linux, Enterprise Linux, Chrony | 2025-04-12 | N/A |
| Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder. | ||||
| CVE-2015-1822 | 3 Debian, Redhat, Tuxfamily | 3 Debian Linux, Enterprise Linux, Chrony | 2025-04-12 | N/A |
| chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a large number of command requests. | ||||
| CVE-2015-3622 | 4 Fedoraproject, Gnu, Opensuse and 1 more | 4 Fedora, Libtasn1, Opensuse and 1 more | 2025-04-12 | N/A |
| The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.5 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted certificate. | ||||
| CVE-2014-3181 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-12 | N/A |
| Multiple stack-based buffer overflows in the magicmouse_raw_event function in drivers/hid/hid-magicmouse.c in the Magic Mouse HID driver in the Linux kernel through 3.16.3 allow physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with an event. | ||||
| CVE-2015-1848 | 2 Fedora, Redhat | 6 Pacemaker Configuration System, Enterprise Linux, Enterprise Linux High Availability and 3 more | 2025-04-12 | N/A |
| The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. NOTE: this issue was SPLIT per ADT2 due to different vulnerability types. CVE-2015-3983 is for the issue with not setting the HTTPOnly flag. | ||||
| CVE-2014-3565 | 4 Apple, Canonical, Net-snmp and 1 more | 4 Mac Os X, Ubuntu Linux, Net-snmp and 1 more | 2025-04-12 | N/A |
| snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message. | ||||
| CVE-2014-3182 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-12 | N/A |
| Array index error in the logi_dj_raw_event function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (invalid kfree) via a crafted device that provides a malformed REPORT_TYPE_NOTIF_DEVICE_UNPAIRED value. | ||||
| CVE-2014-3145 | 5 Canonical, Debian, Linux and 2 more | 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more | 2025-04-12 | N/A |
| The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced. | ||||