Enterprise Linux Desktop

enterprise_linux_desktop

Vendor: Redhat • 1,928 CVEs

CVEs (1,928)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2012-1938 4Mozilla OpensuseRedhat+1 more 13Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+10 more Apr 29, 2026 Jun 5, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and app...Show more Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components.Show less
CVE-2012-1798 4Debian ImagemagickOpensuse+1 more 10Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+7 more Apr 29, 2026 Jun 5, 2012 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.
CVE-2012-0260 5Canonical DebianImagemagick+2 more 11Debian Linux Enterprise Linux AusEnterprise Linux Desktop+8 more Apr 29, 2026 Jun 5, 2012 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers.
CVE-2012-0248 4Canonical DebianImagemagick+1 more 10Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+7 more Apr 29, 2026 Jun 5, 2012 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF.
CVE-2012-0247 4Canonical DebianImagemagick+1 more 10Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+7 more Apr 29, 2026 Jun 5, 2012 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0...Show more ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image.Show less
CVE-2011-2517 2Linux Redhat 5Enterprise Linux Enterprise Linux DesktopEnterprise Linux Server+2 more Apr 29, 2026 May 24, 2012 N/A· v4 N/A· v3 7.2 HIGH· v2 Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel before 2.6.39.2 allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability during scan operations with a long SSID value.
CVE-2012-1823 8Apple DebianFedoraproject+5 more 17Application Stack Debian LinuxEnterprise Linux Desktop+14 more Apr 21, 2026 May 11, 2012 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers...Show more sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.Show less
CVE-2012-1703 3Mariadb OracleRedhat 7Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Server+4 more Apr 29, 2026 May 3, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer...Show more Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1690.Show less
CVE-2012-1690 3Mariadb OracleRedhat 6Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+3 more Apr 29, 2026 May 3, 2012 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer...Show more Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1703.Show less
CVE-2012-1688 3Mariadb OracleRedhat 6Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+3 more Apr 29, 2026 May 3, 2012 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.
CVE-2011-3045 6Debian FedoraprojectGoogle+3 more 13Chrome Debian LinuxEnterprise Linux+10 more Apr 29, 2026 Mar 22, 2012 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (appl...Show more Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.Show less
CVE-2012-0053 5Apache DebianOpensuse+2 more 11Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+8 more Apr 29, 2026 Jan 28, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of...Show more protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.Show less
CVE-2012-0031 5Apache DebianOpensuse+2 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+9 more Apr 29, 2026 Jan 18, 2012 N/A· v4 N/A· v3 4.6 MEDIUM· v2 scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field wi...Show more scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.Show less
CVE-2011-3919 5Apple DebianGoogle+2 more 9Chrome Debian LinuxEnterprise Linux Desktop+6 more Apr 29, 2026 Jan 7, 2012 N/A· v4 N/A· v3 7.5 HIGH· v2 Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2011-4517 7Canonical DebianFedoraproject+4 more 9Debian Linux Enterprise Linux DesktopFedora+6 more Apr 29, 2026 Dec 15, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute a...Show more The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a JPEG2000 file.Show less
CVE-2011-3905 3Debian GoogleRedhat 6Chrome Debian LinuxEnterprise Linux Desktop+3 more Apr 29, 2026 Dec 13, 2011 N/A· v4 N/A· v3 5.0 MEDIUM· v2 libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2011-2834 4Apple DebianGoogle+1 more 8Chrome Debian LinuxEnterprise Linux Desktop+5 more Apr 29, 2026 Sep 19, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
CVE-2011-3389 9Canonical DebianGoogle+6 more 15Chrome CurlDebian Linux+12 more Apr 29, 2026 Sep 6, 2011 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initializa...Show more The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.Show less
CVE-2011-1776 2Linux Redhat 6Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Server Aus+3 more Apr 29, 2026 Sep 6, 2011 N/A· v4 6.1 MEDIUM· v3 5.6 MEDIUM· v2 The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allows physically proximate att...Show more The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allows physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577.Show less
CVE-2011-2213 2Linux Redhat 6Enterprise Linux Aus Enterprise Linux DesktopEnterprise Linux Eus+3 more Apr 29, 2026 Aug 29, 2011 N/A· v4 N/A· v3 4.9 MEDIUM· v2 The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via cra...Show more The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880.Show less

Previous 1...888990...97 Next