Enterprise Linux Eus

enterprise_linux_eus

Vendor: Redhat • 779 CVEs

CVEs (779)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-3238 4Debian MariadbOracle+1 more 9Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+6 more May 13, 2026 Jan 27, 2017 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vu...Show more Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).Show less
CVE-2016-9446 4Fedoraproject GstreamerGstreamer Project+1 more 9Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+6 more May 13, 2026 Jan 23, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the...Show more The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas.Show less
CVE-2016-9811 4Debian FedoraprojectGstreamer+1 more 9Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+6 more May 13, 2026 Jan 13, 2017 N/A· v4 4.7 MEDIUM· v3 4.3 MEDIUM· v2 The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.
CVE-2016-9131 4Debian IscNetapp+1 more 12Bind Data Ontap EdgeDebian Linux+9 more May 6, 2026 Jan 12, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE AN...Show more named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query.Show less
CVE-2016-5195 7Canonical DebianFedoraproject+4 more 18Cloud Backup Debian LinuxEnterprise Linux+15 more Apr 21, 2026 Nov 10, 2016 N/A· v4 7.0 HIGH· v3 7.2 HIGH· v2 Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping,...Show more Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."Show less
CVE-2016-8864 4Debian IscNetapp+1 more 11Bind Data Ontap EdgeDebian Linux+8 more May 6, 2026 Nov 2, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer sectio...Show more named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c.Show less
CVE-2016-5629 3Mariadb OracleRedhat 8Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+5 more May 6, 2026 Oct 25, 2016 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.
CVE-2016-5626 3Mariadb OracleRedhat 6Enterprise Linux Eus Enterprise Linux ServerEnterprise Linux Server Aus+3 more May 6, 2026 Oct 25, 2016 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
CVE-2016-5624 3Mariadb OracleRedhat 8Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+5 more May 6, 2026 Oct 25, 2016 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML.
CVE-2016-5612 3Mariadb OracleRedhat 8Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+5 more May 6, 2026 Oct 25, 2016 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML.
CVE-2016-3492 3Mariadb OracleRedhat 8Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+5 more May 6, 2026 Oct 25, 2016 N/A· v4 6.5 MEDIUM· v3 6.8 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.
CVE-2016-7163 4Debian FedoraprojectRedhat+1 more 9Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+6 more May 6, 2026 Sep 21, 2016 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.
CVE-2016-2775 4Fedoraproject HpIsc+1 more 9Bind Enterprise Linux DesktopEnterprise Linux Eus+6 more May 6, 2026 Jul 19, 2016 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request...Show more ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.Show less
CVE-2016-5387 8Apache CanonicalDebian+5 more 20Communications User Data Repository Debian LinuxEnterprise Linux Desktop+17 more May 6, 2026 Jul 19, 2016 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remot...Show more The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "This mitigation has been assigned the identifier CVE-2016-5387"; in other words, this is not a CVE ID for a vulnerability.Show less
CVE-2016-5126 5Canonical DebianOracle+2 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+9 more May 6, 2026 Jun 1, 2016 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asy...Show more Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.Show less
CVE-2016-4020 4Canonical DebianQemu+1 more 11Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+8 more May 6, 2026 May 25, 2016 N/A· v4 6.5 MEDIUM· v3 2.1 LOW· v2 The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task...Show more The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR).Show less
CVE-2016-3627 7Canonical DebianHp+4 more 14Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+11 more May 6, 2026 May 17, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and applicatio...Show more The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.Show less
CVE-2015-3152 6Debian FedoraprojectMariadb+3 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+9 more May 6, 2026 May 16, 2016 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof server...Show more Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack.Show less
CVE-2016-3718 6Canonical ImagemagickOpensuse+3 more 30Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux For Ibm Z Systems+27 more Apr 22, 2026 May 5, 2016 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
CVE-2016-3715 6Canonical ImagemagickOpensuse+3 more 30Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux For Ibm Z Systems+27 more Apr 22, 2026 May 5, 2016 N/A· v4 5.5 MEDIUM· v3 5.8 MEDIUM· v2 The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.

Previous 1...212223...39 Next