Enterprise Linux Desktop

enterprise_linux_desktop

Vendor: Redhat • 1,928 CVEs

CVEs (1,928)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2014-4342 3Debian MitRedhat 7Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+4 more May 6, 2026 Jul 20, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a G...Show more MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session.Show less
CVE-2014-4341 4Debian FedoraprojectMit+1 more 10Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+7 more May 6, 2026 Jul 20, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session.
CVE-2014-0247 5Canonical FedoraprojectLibreoffice+2 more 7Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Workstation+4 more May 6, 2026 Jul 3, 2014 N/A· v4 N/A· v3 10.0 HIGH· v2 LibreOffice 4.2.4 executes unspecified VBA macros automatically, which has unspecified impact and attack vectors, possibly related to doc/docmacromode.cxx.
CVE-2014-4656 4Canonical LinuxRedhat+1 more 9Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+6 more May 6, 2026 Jul 3, 2014 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to (...Show more Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to (1) index values in the snd_ctl_add function and (2) numid values in the snd_ctl_remove_numid_conflict function.Show less
CVE-2014-4652 4Canonical LinuxRedhat+1 more 6Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Workstation+3 more May 6, 2026 Jul 3, 2014 N/A· v4 N/A· v3 1.9 LOW· v2 Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive in...Show more Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access.Show less
CVE-2014-3469 4Debian GnuRedhat+1 more 14Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+11 more May 6, 2026 Jun 5, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue...Show more The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument.Show less
CVE-2014-3468 5Debian F5Gnu+2 more 15Arx Firmware Debian LinuxEnterprise Linux Desktop+12 more May 6, 2026 Jun 5, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN....Show more The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.Show less
CVE-2014-3467 5Debian F5Gnu+2 more 15Arx Firmware Debian LinuxEnterprise Linux Desktop+12 more May 6, 2026 Jun 5, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data.
CVE-2014-0189 2Redhat Virt Who Project 4Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Workstation+1 more May 6, 2026 May 2, 2014 N/A· v4 N/A· v3 2.1 LOW· v2 virt-who uses world-readable permissions for /etc/sysconfig/virt-who, which allows local users to obtain password for hypervisors by reading the file.
CVE-2014-1532 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Apr 30, 2014 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows...Show more Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to host resolution.Show less
CVE-2014-1531 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Apr 30, 2014 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote att...Show more Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving an imgLoader object that is not properly handled during an image-resize operation.Show less
CVE-2014-1530 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Apr 30, 2014 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI...Show more The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks, via a crafted web site that performs history navigation.Show less
CVE-2014-1529 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Apr 30, 2014 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execu...Show more The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted.Show less
CVE-2014-1524 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Apr 30, 2014 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects,...Show more The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted JavaScript code that accesses a non-XBL object as if it were an XBL object.Show less
CVE-2014-1523 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Apr 30, 2014 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (o...Show more Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image.Show less
CVE-2014-1518 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Apr 30, 2014 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of serv...Show more Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.Show less
CVE-2014-0181 4Linux OpensuseRedhat+1 more 7Enterprise Linux Desktop Enterprise Linux ServerEvergreen+4 more May 6, 2026 Apr 27, 2014 N/A· v4 N/A· v3 2.1 LOW· v2 The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restriction...Show more The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations by using a Netlink socket for the (1) stdout or (2) stderr of a setuid program.Show less
CVE-2014-2440 3Mariadb OracleRedhat 9Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+6 more May 6, 2026 Apr 16, 2014 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Unspecified vulnerability in the MySQL Client component in Oracle MySQL 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2014-2438 3Mariadb OracleRedhat 8Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+5 more May 6, 2026 Apr 16, 2014 N/A· v4 N/A· v3 3.5 LOW· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.
CVE-2014-2436 3Mariadb OracleRedhat 9Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+6 more May 6, 2026 Apr 16, 2014 N/A· v4 N/A· v3 6.5 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR.

Previous 1...767778...97 Next