Enterprise Linux Desktop

enterprise_linux_desktop

Vendor: Redhat • 1,928 CVEs

CVEs (1,928)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2015-8241 5Canonical DebianHp+2 more 9Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+6 more May 6, 2026 Dec 15, 2015 N/A· v4 N/A· v3 6.4 MEDIUM· v2 The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive i...Show more The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.Show less
CVE-2015-7500 6Apple CanonicalDebian+3 more 13Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+10 more May 6, 2026 Dec 15, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and...Show more The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.Show less
CVE-2015-7499 7Apple CanonicalDebian+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+12 more May 6, 2026 Dec 15, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
CVE-2015-7498 5Canonical DebianHp+2 more 9Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+6 more May 6, 2026 Dec 15, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an...Show more Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.Show less
CVE-2015-7497 5Canonical DebianHp+2 more 9Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+6 more May 6, 2026 Dec 15, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.
CVE-2015-5312 6Apple CanonicalDebian+3 more 13Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+10 more May 6, 2026 Dec 15, 2015 N/A· v4 N/A· v3 7.1 HIGH· v2 The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted...Show more The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.Show less
CVE-2015-5006 3Ibm RedhatSuse 9Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Server Eus+6 more May 6, 2026 Dec 7, 2015 N/A· v4 N/A· v3 2.1 LOW· v2 IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitiv...Show more IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache.Show less
CVE-2015-3276 3Openldap OracleRedhat 9Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Hpc Node+6 more May 6, 2026 Dec 7, 2015 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote...Show more The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.Show less
CVE-2015-5287 1Redhat 5Automatic Bug Reporting Tool Enterprise Linux DesktopEnterprise Linux Hpc Node+2 more May 6, 2026 Dec 7, 2015 N/A· v4 N/A· v3 6.9 MEDIUM· v2 The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated b...Show more The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump.Show less
CVE-2015-5273 1Redhat 5Automatic Bug Reporting Tool Enterprise Linux DesktopEnterprise Linux Hpc Node+2 more May 6, 2026 Dec 7, 2015 N/A· v4 N/A· v3 3.6 LOW· v2 The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created direc...Show more The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name in /var/tmp.Show less
CVE-2015-3196 7Canonical DebianFedoraproject+4 more 13Debian Linux Enterprise Linux DesktopEnterprise Linux Server+10 more May 6, 2026 Dec 6, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers...Show more ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (race condition and double free) via a crafted ServerKeyExchange message.Show less
CVE-2015-3195 9Apple CanonicalDebian+6 more 25Api Gateway Communications Webrtc Session ControllerDebian Linux+22 more May 6, 2026 Dec 6, 2015 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which...Show more The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.Show less
CVE-2015-8391 5Fedoraproject OraclePcre+2 more 10Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+7 more May 6, 2026 Dec 2, 2015 N/A· v4 9.8 CRITICAL· v3 9.0 HIGH· v2 The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a...Show more The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.Show less
CVE-2015-7981 4Canonical DebianLibpng+1 more 10Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+7 more May 6, 2026 Nov 24, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data...Show more The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.Show less
CVE-2015-8126 9Apple CanonicalDebian+6 more 20Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+17 more May 6, 2026 Nov 13, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow r...Show more Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.Show less
CVE-2015-4913 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Oct 22, 2015 N/A· v4 N/A· v3 3.5 LOW· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-...Show more Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.Show less
CVE-2015-4902 4Opensuse OracleRedhat+1 more 21Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Eus Compute Node+18 more Apr 22, 2026 Oct 22, 2015 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment.
CVE-2015-4879 6Canonical DebianFedoraproject+3 more 13Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+10 more May 6, 2026 Oct 21, 2015 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to DML.
CVE-2015-4870 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Oct 21, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.
CVE-2015-4864 4Canonical MariadbOracle+1 more 10Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+7 more May 6, 2026 Oct 21, 2015 N/A· v4 N/A· v3 3.5 LOW· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.

Previous 1...697071...97 Next