Enterprise Linux Server

enterprise_linux_server

Vendor: Redhat • 1,891 CVEs

CVEs (1,891)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2015-5235 3Fedoraproject OpensuseRedhat 7Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Server+4 more May 6, 2026 Oct 9, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via...Show more IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page.Show less
CVE-2015-5234 3Fedoraproject OpensuseRedhat 7Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Server+4 more May 6, 2026 Oct 9, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute...Show more IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks.Show less
CVE-2014-9751 4Debian NtpOracle+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more May 6, 2026 Oct 6, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attac...Show more The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by leveraging the ability to reach the ntpd machine's network interface with a packet from the ::1 address.Show less
CVE-2014-9750 4Debian NtpOracle+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more May 6, 2026 Oct 6, 2015 N/A· v4 N/A· v3 5.8 MEDIUM· v2 ntp_crypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey Authentication is enabled, allows remote attackers to obtain sensitive information from process memory or cause a denial of service (daemon crash) via a packet...Show more ntp_crypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey Authentication is enabled, allows remote attackers to obtain sensitive information from process memory or cause a denial of service (daemon crash) via a packet containing an extension field with an invalid value for the length of its value field.Show less
CVE-2015-3247 2Redhat Spice Project 6Enterprise Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+3 more May 6, 2026 Sep 8, 2015 N/A· v4 N/A· v3 6.9 MEDIUM· v2 Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arb...Show more Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors.Show less
CVE-2015-5157 2Linux Redhat 6Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Server+3 more May 6, 2026 Aug 31, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by tr...Show more arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI.Show less
CVE-2015-3214 6Arista DebianLenovo+3 more 19Debian Linux Emc Px12 400r IvxEmc Px12 450r Ivx+16 more May 6, 2026 Aug 31, 2015 N/A· v4 N/A· v3 6.9 MEDIUM· v2 The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host O...Show more The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid index.Show less
CVE-2015-5165 7Arista DebianFedoraproject+4 more 24Debian Linux Enterprise Linux Compute Node EusEnterprise Linux Desktop+21 more May 6, 2026 Aug 12, 2015 N/A· v4 N/A· v3 9.3 HIGH· v2 The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.
CVE-2015-4495 6Canonical MozillaOpensuse+3 more 15Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+12 more Apr 22, 2026 Aug 8, 2015 N/A· v4 8.8 HIGH· v3 4.3 MEDIUM· v2 The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vector...Show more The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.Show less
CVE-2015-4757 6Canonical DebianMariadb+3 more 11Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+8 more May 6, 2026 Jul 16, 2015 N/A· v4 N/A· v3 3.5 LOW· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.
CVE-2015-4752 6Canonical DebianMariadb+3 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+9 more May 6, 2026 Jul 16, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.
CVE-2015-2648 6Canonical DebianMariadb+3 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+9 more May 6, 2026 Jul 16, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.
CVE-2015-2643 6Canonical DebianMariadb+3 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+9 more May 6, 2026 Jul 16, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.
CVE-2015-2590 6Canonical DebianOpensuse+3 more 21Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+18 more Apr 21, 2026 Jul 16, 2015 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries...Show more Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732.Show less
CVE-2015-2582 5Canonical DebianMariadb+2 more 11Debian Linux Enterprise Linux DesktopEnterprise Linux Server+8 more May 6, 2026 Jul 16, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
CVE-2015-5123 4Adobe OpensuseRedhat+1 more 9Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Server Eus+6 more Apr 21, 2026 Jul 14, 2015 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through...Show more Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.Show less
CVE-2015-5122 4Adobe OpensuseRedhat+1 more 9Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Server Eus+6 more Apr 21, 2026 Jul 14, 2015 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x thro...Show more Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.Show less
CVE-2015-5119 4Adobe OpensuseRedhat+1 more 11Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+8 more Apr 21, 2026 Jul 8, 2015 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 o...Show more Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.Show less
CVE-2015-3281 6Canonical DebianHaproxy+3 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Server+9 more May 6, 2026 Jul 6, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninit...Show more The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request.Show less
CVE-2015-0192 3Ibm RedhatSuse 8Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Server Aus+5 more May 27, 2026 Jul 2, 2015 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors rela...Show more Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine.Show less

Previous 1...737475...95 Next