Enterprise Linux Desktop

enterprise_linux_desktop

Vendor: Redhat • 1,928 CVEs

CVEs (1,928)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-13086 7Canonical DebianFreebsd+4 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Server+9 more May 13, 2026 Oct 17, 2017 N/A· v4 6.8 MEDIUM· v3 5.4 MEDIUM· v2 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
CVE-2017-13084 7Canonical DebianFreebsd+4 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Server+9 more May 13, 2026 Oct 17, 2017 N/A· v4 6.8 MEDIUM· v3 5.4 MEDIUM· v2 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof fra...Show more Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.Show less
CVE-2017-13082 7Canonical DebianFreebsd+4 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Server+9 more May 13, 2026 Oct 17, 2017 N/A· v4 8.1 HIGH· v3 5.8 MEDIUM· v2 Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within ra...Show more Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.Show less
CVE-2017-13081 7Canonical DebianFreebsd+4 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Server+9 more May 13, 2026 Oct 17, 2017 N/A· v4 5.3 MEDIUM· v3 2.9 LOW· v2 Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames fr...Show more Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.Show less
CVE-2017-13080 7Canonical DebianFreebsd+4 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Server+9 more May 13, 2026 Oct 17, 2017 N/A· v4 5.3 MEDIUM· v3 2.9 LOW· v2 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
CVE-2017-13079 7Canonical DebianFreebsd+4 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Server+9 more May 13, 2026 Oct 17, 2017 N/A· v4 5.3 MEDIUM· v3 2.9 LOW· v2 Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames fro...Show more Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.Show less
CVE-2017-13078 7Canonical DebianFreebsd+4 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Server+9 more May 13, 2026 Oct 17, 2017 N/A· v4 5.3 MEDIUM· v3 2.9 LOW· v2 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.
CVE-2017-13077 7Canonical DebianFreebsd+4 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Server+9 more May 13, 2026 Oct 17, 2017 N/A· v4 6.8 MEDIUM· v3 5.4 MEDIUM· v2 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames...Show more Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.Show less
CVE-2017-0903 4Canonical DebianRedhat+1 more 9Debian Linux Enterprise Linux DesktopEnterprise Linux Server+6 more May 13, 2026 Oct 11, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects c...Show more RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution.Show less
CVE-2017-1000116 3Debian MercurialRedhat 8Debian Linux Enterprise Linux DesktopEnterprise Linux Server+5 more May 13, 2026 Oct 5, 2017 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks.
CVE-2017-1000115 3Debian MercurialRedhat 8Debian Linux Enterprise Linux DesktopEnterprise Linux Server+5 more May 13, 2026 Oct 5, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository
CVE-2017-1000111 3Debian LinuxRedhat 9Debian Linux Enterprise LinuxEnterprise Linux Desktop+6 more May 13, 2026 Oct 5, 2017 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set...Show more Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW.Show less
CVE-2017-14491 12Arista ArubanetworksCanonical+9 more 21Arubaos Debian LinuxDiskstation Manager+18 more May 13, 2026 Oct 4, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
CVE-2017-12617 6Apache CanonicalDebian+3 more 58Active Iq Unified Manager Agile PlmCommunications Instant Messaging Server+55 more Apr 21, 2026 Oct 4, 2017 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to fal...Show more When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.Show less
CVE-2017-14496 6Canonical DebianGoogle+3 more 8Android Debian LinuxDnsmasq+5 more May 13, 2026 Oct 3, 2017 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS req...Show more Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.Show less
CVE-2017-14495 4Canonical DebianRedhat+1 more 6Debian Linux DnsmasqEnterprise Linux Desktop+3 more May 13, 2026 Oct 3, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creat...Show more Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.Show less
CVE-2017-14494 5Canonical DebianNovell+2 more 7Debian Linux DnsmasqEnterprise Linux Desktop+4 more May 13, 2026 Oct 3, 2017 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.
CVE-2017-14493 5Canonical DebianOpensuse+2 more 7Debian Linux DnsmasqEnterprise Linux Desktop+4 more May 13, 2026 Oct 3, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.
CVE-2017-14492 4Canonical DebianRedhat+1 more 6Debian Linux DnsmasqEnterprise Linux Desktop+3 more May 13, 2026 Oct 3, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.
CVE-2017-13704 6Canonical DebianFedoraproject+3 more 8Debian Linux DnsmasqEnterprise Linux Desktop+5 more May 13, 2026 Oct 3, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xff...Show more In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.Show less

Previous 1...515253...97 Next