Enterprise Linux Server

enterprise_linux_server

Vendor: Redhat • 1,891 CVEs

CVEs (1,891)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-9775 3Debian FreedesktopRedhat 8Debian Linux Enterprise Linux DesktopEnterprise Linux Server+5 more May 13, 2026 Jun 22, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document.
CVE-2017-7668 6Apache AppleDebian+3 more 13Clustered Data Ontap Debian LinuxEnterprise Linux Desktop+10 more May 13, 2026 Jun 20, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence...Show more The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.Show less
CVE-2017-3167 6Apache AppleDebian+3 more 14Clustered Data Ontap Debian LinuxEnterprise Linux Desktop+11 more May 13, 2026 Jun 20, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
CVE-2017-1000366 8Debian GnuMcafee+5 more 20Cloud Magnum Orchestration Debian LinuxEnterprise Linux+17 more May 13, 2026 Jun 19, 2017 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hard...Show more glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.Show less
CVE-2016-7050 1Redhat 4Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Server+1 more May 13, 2026 Jun 8, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execut...Show more SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execute arbitrary code.Show less
CVE-2016-5416 1Redhat 4Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Server+1 more May 13, 2026 Jun 8, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allow...Show more 389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to read the default Access Control Instructions.Show less
CVE-2016-5405 1Redhat 4Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Server+1 more May 13, 2026 Jun 8, 2017 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allow...Show more 389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to obtain user passwords.Show less
CVE-2016-4992 1Redhat 4Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Server+1 more May 13, 2026 Jun 8, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allow...Show more 389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects.Show less
CVE-2016-3099 1Redhat 4Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Server+1 more May 13, 2026 Jun 8, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to force the use of ciphers that we...Show more mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to force the use of ciphers that were not intended to be enabled.Show less
CVE-2017-9462 3Debian MercurialRedhat 8Debian Linux Enterprise Linux DesktopEnterprise Linux Server+5 more May 13, 2026 Jun 6, 2017 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name.
CVE-2017-9461 3Debian RedhatSamba 8Debian Linux Enterprise Linux DesktopEnterprise Linux Server+5 more May 13, 2026 Jun 6, 2017 N/A· v4 6.5 MEDIUM· v3 6.8 MEDIUM· v2 smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks.
CVE-2017-9287 5Debian McafeeOpenldap+2 more 10Blockchain Platform Debian LinuxEnterprise Linux Desktop+7 more May 13, 2026 May 29, 2017 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with...Show more servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0.Show less
CVE-2016-9843 10Apple CanonicalDebian+7 more 24Active Iq Unified Manager Database ServerDebian Linux+21 more May 13, 2026 May 23, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
CVE-2016-9842 8Apple CanonicalDebian+5 more 19Database Server Debian LinuxEnterprise Linux Desktop+16 more May 13, 2026 May 23, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
CVE-2016-9841 9Apple CanonicalDebian+6 more 39Active Iq Unified Manager Cloud BackupDatabase Server+36 more May 13, 2026 May 23, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2016-9840 9Apple BoostCanonical+6 more 20Boost Database ServerDebian Linux+17 more May 13, 2026 May 23, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2017-8291 3Artifex DebianRedhat 8Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+5 more Apr 21, 2026 Apr 27, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program...Show more Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.Show less
CVE-2017-5046 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more May 13, 2026 Apr 24, 2017 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote attacker to spoof the location object via a crafted HTML pag...Show more V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote attacker to spoof the location object via a crafted HTML page, related to Blink information disclosure.Show less
CVE-2017-5045 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more May 13, 2026 Apr 24, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote attacker to brute force JavaScript variables...Show more XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote attacker to brute force JavaScript variables via a crafted HTML page.Show less
CVE-2017-5044 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more May 13, 2026 Apr 24, 2017 N/A· v4 6.3 MEDIUM· v3 6.8 MEDIUM· v2 Heap buffer overflow in filter processing in Skia in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory read via a c...Show more Heap buffer overflow in filter processing in Skia in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.Show less

Previous 1...585960...95 Next