Enterprise Linux Hpc Node Eus

enterprise_linux_hpc_node_eus

Vendor: Redhat • 81 CVEs

CVEs (81)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2015-3149 1Redhat 7Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Hpc Node Eus+4 more May 13, 2026 Jul 25, 2017 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 The Hotspot component in OpenJDK8 as packaged in Red Hat Enterprise Linux 6 and 7 allows local users to write to arbitrary files via a symlink attack.
CVE-2015-5300 7Canonical DebianFedoraproject+4 more 20Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+17 more May 13, 2026 Jul 21, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time wh...Show more The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).Show less
CVE-2016-7166 3Libarchive OracleRedhat 9Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Hpc Node Eus+6 more May 6, 2026 Sep 21, 2016 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.
CVE-2016-5844 3Libarchive OracleRedhat 10Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Hpc Node Eus+7 more May 6, 2026 Sep 21, 2016 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.
CVE-2016-5418 3Libarchive OracleRedhat 10Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Hpc Node Eus+7 more May 6, 2026 Sep 21, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.
CVE-2016-4809 3Libarchive OracleRedhat 9Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Hpc Node Eus+6 more May 6, 2026 Sep 21, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large...Show more The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.Show less
CVE-2016-4302 2Libarchive Redhat 8Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Hpc Node Eus+5 more May 6, 2026 Sep 21, 2016 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.
CVE-2016-4300 2Libarchive Redhat 8Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Hpc Node Eus+5 more May 6, 2026 Sep 21, 2016 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large number of substreams, w...Show more Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large number of substreams, which triggers a heap-based buffer overflow.Show less
CVE-2016-5388 4Apache HpOracle+1 more 11Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Hpc Node Eus+8 more May 6, 2026 Jul 19, 2016 N/A· v4 8.1 HIGH· v3 5.1 MEDIUM· v2 Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_...Show more Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "A mitigation is planned for future releases of Tomcat, tracked as CVE-2016-5388"; in other words, this is not a CVE ID for a vulnerability.Show less
CVE-2016-4470 4Linux NovellOracle+1 more 14Enterprise Linux Enterprise Linux DesktopEnterprise Linux For Real Time+11 more May 6, 2026 Jun 27, 2016 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash)...Show more The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.Show less
CVE-2016-0758 3Canonical LinuxRedhat 9Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Hpc Node Eus+6 more May 6, 2026 Jun 27, 2016 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.
CVE-2016-3698 4Canonical DebianLibndp+1 more 10Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+7 more May 6, 2026 Jun 13, 2016 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of s...Show more libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network.Show less
CVE-2016-2150 4Debian OpensuseRedhat+1 more 11Debian Linux Enterprise LinuxEnterprise Linux Desktop+8 more May 6, 2026 Jun 9, 2016 N/A· v4 7.1 HIGH· v3 3.6 LOW· v2 SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261.
CVE-2016-0749 4Debian OpensuseRedhat+1 more 11Debian Linux Enterprise LinuxEnterprise Linux Desktop+8 more May 6, 2026 Jun 9, 2016 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-b...Show more The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow.Show less
CVE-2015-5261 4Canonical DebianRedhat+1 more 9Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+6 more May 6, 2026 Jun 7, 2016 N/A· v4 7.1 HIGH· v3 3.6 LOW· v2 Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation.
CVE-2015-5260 4Canonical DebianRedhat+1 more 9Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+6 more May 6, 2026 Jun 7, 2016 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands relat...Show more Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter.Show less
CVE-2015-4605 2Php Redhat 8Enterprise Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+5 more May 6, 2026 May 16, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote a...Show more The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule.Show less
CVE-2015-4604 2Php Redhat 8Enterprise Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+5 more May 6, 2026 May 16, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows r...Show more The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule.Show less
CVE-2015-4603 2Php Redhat 8Enterprise Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+5 more May 6, 2026 May 16, 2016 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related...Show more The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a "type confusion" issue.Show less
CVE-2015-4602 2Php Redhat 8Enterprise Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+5 more May 6, 2026 May 16, 2016 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibl...Show more The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue.Show less

12 3 4 5 Next