Enterprise Linux Desktop

enterprise_linux_desktop

Vendor: Redhat • 1,928 CVEs

CVEs (1,928)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-1087 4Canonical DebianLinux+1 more 11Debian Linux Enterprise LinuxEnterprise Linux Desktop+8 more Nov 21, 2024 May 15, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stac...Show more kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest.Show less
CVE-2018-10998 4Canonical DebianExiv2+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more Nov 21, 2024 May 12, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in Exiv2 0.26. readMetadata in jp2image.cpp allows remote attackers to cause a denial of service (SIGABRT) by triggering an incorrect Safe::add call.
CVE-2018-1118 4Canonical DebianLinux+1 more 7Debian Linux Enterprise Linux DesktopEnterprise Linux Server+4 more Nov 21, 2024 May 10, 2018 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privile...Show more Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.Show less
CVE-2017-18267 4Canonical DebianFreedesktop+1 more 7Ansible Tower Debian LinuxEnterprise Linux Desktop+4 more Nov 21, 2024 May 10, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops.
CVE-2018-1130 4Canonical DebianLinux+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more Nov 21, 2024 May 10, 2018 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted...Show more Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.Show less
CVE-2018-1089 3Debian FedoraprojectRedhat 5389 Directory Server Debian LinuxEnterprise Linux Desktop+2 more Nov 21, 2024 May 9, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potential...Show more 389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.Show less
CVE-2018-10768 4Canonical DebianFreedesktop+1 more 7Ansible Tower Debian LinuxEnterprise Linux Desktop+4 more Nov 21, 2024 May 6, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages suc...Show more There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected.Show less
CVE-2018-10767 2Gnome Redhat 5Ansible Tower Enterprise Linux DesktopEnterprise Linux Server+2 more Nov 21, 2024 May 6, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 There is a stack-based buffer over-read in calling GLib in the function gxps_images_guess_content_type of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a g_input_stream_rea...Show more There is a stack-based buffer over-read in calling GLib in the function gxps_images_guess_content_type of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a g_input_stream_read call. A crafted input will lead to a remote denial of service attack.Show less
CVE-2018-0494 4Canonical DebianGnu+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more Nov 21, 2024 May 6, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.
CVE-2018-10733 3Gnome OpensuseRedhat 6Ansible Tower Enterprise Linux DesktopEnterprise Linux Server+3 more Nov 21, 2024 May 4, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c in libgxps through 0.3.0. A crafted input will lead to a remote denial of service attack.
CVE-2018-10675 3Canonical LinuxRedhat 9Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Server Aus+6 more Nov 21, 2024 May 2, 2018 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.
CVE-2018-10583 5Apache CanonicalDebian+2 more 7Debian Linux Enterprise Linux DesktopEnterprise Linux Server+4 more Nov 21, 2024 May 1, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=fi...Show more An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document.Show less
CVE-2018-10535 2Gnu Redhat 4Binutils Enterprise Linux DesktopEnterprise Linux Server+1 more Nov 21, 2024 Apr 29, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The ignore_section_sym function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, does not validate the output_section pointer in the case of a symtab entry with a "S...Show more The ignore_section_sym function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, does not validate the output_section pointer in the case of a symtab entry with a "SECTION" type that has a "0" value, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file, as demonstrated by objcopy.Show less
CVE-2018-10534 2Gnu Redhat 4Binutils Enterprise Linux DesktopEnterprise Linux Server+1 more Nov 21, 2024 Apr 29, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The _bfd_XX_bfd_copy_private_bfd_data_common function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, processes a negative Data Directory size with an unbounde...Show more The _bfd_XX_bfd_copy_private_bfd_data_common function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, processes a negative Data Directory size with an unbounded loop that increases the value of (external_IMAGE_DEBUG_DIRECTORY) *edd so that the address exceeds its own memory region, resulting in an out-of-bounds memory write, as demonstrated by objcopy copying private info with _bfd_pex64_bfd_copy_private_bfd_data_common in pex64igen.c.Show less
CVE-2018-10373 2Gnu Redhat 4Binutils Enterprise Linux DesktopEnterprise Linux Server+1 more Nov 21, 2024 Apr 25, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 concat_filename in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application cr...Show more concat_filename in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by nm-new.Show less
CVE-2018-10372 2Gnu Redhat 4Binutils Enterprise Linux DesktopEnterprise Linux Server+1 more Nov 21, 2024 Apr 25, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 process_cu_tu_index in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted binary file, as demonstrated by readelf.
CVE-2017-2885 3Debian GnomeRedhat 8Debian Linux Enterprise Linux DesktopEnterprise Linux Server+5 more Nov 21, 2024 Apr 24, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A specially crafted HTTP request can cause a stack overflow resulting in remote code execution. An attacker can send a special HT...Show more An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A specially crafted HTTP request can cause a stack overflow resulting in remote code execution. An attacker can send a special HTTP request to the vulnerable server to trigger this vulnerability.Show less
CVE-2018-10322 2Linux Redhat 5Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Workstation+2 more Nov 21, 2024 Apr 24, 2018 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs...Show more The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image.Show less
CVE-2018-1106 4Canonical DebianPackagekit Project+1 more 9Debian Linux Enterprise Linux DesktopEnterprise Linux Server+6 more Nov 21, 2024 Apr 23, 2018 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable pa...Show more An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system.Show less
CVE-2018-8781 4Canonical DebianLinux+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more Nov 21, 2024 Apr 23, 2018 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtai...Show more The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space.Show less

Previous 1...404142...97 Next