Enterprise Linux Server

enterprise_linux_server

Vendor: Redhat • 1,891 CVEs

CVEs (1,891)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2012-4202 5Canonical MozillaOpensuse+2 more 13Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+10 more Apr 29, 2026 Nov 21, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey befo...Show more Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via a crafted GIF image.Show less
CVE-2012-4201 6Canonical DebianMozilla+3 more 14Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+11 more Apr 29, 2026 Nov 21, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during t...Show more The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the handling of JavaScript code that sets the location.href property, which allows remote attackers to conduct cross-site scripting (XSS) attacks or read arbitrary files by leveraging a sandboxed add-on.Show less
CVE-2012-4564 5Canonical DebianLibtiff+2 more 8Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+5 more Apr 29, 2026 Nov 11, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an i...Show more ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow.Show less
CVE-2012-4196 5Canonical MozillaOpensuse+2 more 13Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+10 more Apr 29, 2026 Oct 29, 2012 N/A· v4 N/A· v3 6.4 MEDIUM· v2 Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read...Show more Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats certain protection mechanisms for this object.Show less
CVE-2012-4195 5Canonical MozillaOpensuse+2 more 13Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+10 more Apr 29, 2026 Oct 29, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine...Show more The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior.Show less
CVE-2012-4194 5Canonical MozillaOpensuse+2 more 13Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+10 more Apr 29, 2026 Oct 29, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location...Show more Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.Show less
CVE-2012-4406 3Fedoraproject OpenstackRedhat 7Enterprise Linux Server FedoraGluster Storage Management Console+4 more Apr 29, 2026 Oct 22, 2012 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a cra...Show more OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object.Show less
CVE-2012-3197 5Canonical DebianMariadb+2 more 8Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+5 more Apr 29, 2026 Oct 17, 2012 N/A· v4 N/A· v3 3.5 LOW· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Replicati...Show more Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Replication.Show less
CVE-2012-3180 5Canonical DebianMariadb+2 more 8Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+5 more Apr 29, 2026 Oct 17, 2012 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer...Show more Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.Show less
CVE-2012-3177 5Canonical DebianMariadb+2 more 9Debian Linux Enterprise LinuxEnterprise Linux Desktop+6 more Apr 29, 2026 Oct 17, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server.
CVE-2012-3173 5Canonical DebianMariadb+2 more 8Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+5 more Apr 29, 2026 Oct 17, 2012 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.
CVE-2012-3167 5Canonical DebianMariadb+2 more 8Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+5 more Apr 29, 2026 Oct 17, 2012 N/A· v4 N/A· v3 3.5 LOW· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text...Show more Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.Show less
CVE-2012-3166 5Canonical DebianMariadb+2 more 9Debian Linux Enterprise LinuxEnterprise Linux Desktop+6 more Apr 29, 2026 Oct 17, 2012 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
CVE-2012-3163 6Canonical DebianF5+3 more 21Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+18 more Apr 29, 2026 Oct 17, 2012 N/A· v4 N/A· v3 9.0 HIGH· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vec...Show more Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.Show less
CVE-2012-3160 5Canonical DebianMariadb+2 more 8Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+5 more Apr 29, 2026 Oct 16, 2012 N/A· v4 N/A· v3 2.1 LOW· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server Installation.
CVE-2012-3158 5Canonical DebianMariadb+2 more 8Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+5 more Apr 29, 2026 Oct 16, 2012 N/A· v4 N/A· v3 7.5 HIGH· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors relat...Show more Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol.Show less
CVE-2012-3150 5Canonical DebianMariadb+2 more 8Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+5 more Apr 29, 2026 Oct 16, 2012 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer...Show more Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.Show less
CVE-2012-4193 4Canonical MozillaRedhat+1 more 12Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+9 more Apr 29, 2026 Oct 12, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwr...Show more Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same Origin Policy and read the properties of a Location object, or execute arbitrary JavaScript code, via a crafted web site.Show less
CVE-2012-4188 5Canonical DebianMozilla+2 more 13Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+10 more Apr 29, 2026 Oct 10, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Heap-based buffer overflow in the Convolve3x3 function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote...Show more Heap-based buffer overflow in the Convolve3x3 function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.Show less
CVE-2012-4187 4Canonical MozillaRedhat+1 more 12Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+9 more Apr 29, 2026 Oct 10, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage a certain insPos variable, which allows remote at...Show more Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage a certain insPos variable, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and assertion failure) via unspecified vectors.Show less

Previous 1...878889...95 Next