Enterprise Linux Server

enterprise_linux_server

Vendor: Redhat • 1,891 CVEs

CVEs (1,891)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-8905 4Canonical DebianLibtiff+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more Nov 21, 2024 Mar 22, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps.
CVE-2018-8088 3Oracle QosRedhat 13Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+10 more Nov 21, 2024 Mar 20, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. EventData in the slf4j-ext module in QOS.CH SLF4J, has b...Show more org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. EventData in the slf4j-ext module in QOS.CH SLF4J, has been fixed in SLF4J versions 1.7.26 later and in the 2.0.x series.Show less
CVE-2018-1068 4Canonical DebianLinux+1 more 10Debian Linux Enterprise Linux DesktopEnterprise Linux Server+7 more Nov 21, 2024 Mar 16, 2018 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.
CVE-2018-1000122 5Canonical DebianHaxx+2 more 9Communications Webrtc Session Controller CurlDebian Linux+6 more Nov 21, 2024 Mar 14, 2018 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage
CVE-2018-1000121 5Canonical DebianHaxx+2 more 9Communications Webrtc Session Controller CurlDebian Linux+6 more Nov 21, 2024 Mar 14, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service
CVE-2018-1000120 5Canonical DebianHaxx+2 more 9Communications Webrtc Session Controller CurlDebian Linux+6 more Nov 21, 2024 Mar 14, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.
CVE-2018-7750 3Debian ParamikoRedhat 11Ansible Engine CloudformsDebian Linux+8 more Nov 21, 2024 Mar 13, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly chec...Show more transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.Show less
CVE-2018-1050 4Canonical DebianRedhat+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more Nov 21, 2024 Mar 13, 2018 N/A· v4 4.3 MEDIUM· v3 3.3 LOW· v2 All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input par...Show more All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash.Show less
CVE-2018-7858 4Canonical OpensuseQemu+1 more 9Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Server Aus+6 more Nov 21, 2024 Mar 12, 2018 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorr...Show more Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display.Show less
CVE-2016-9600 3Canonical Jasper ProjectRedhat 8Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Server Aus+5 more Nov 21, 2024 Mar 12, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash.
CVE-2014-8130 3Apple LibtiffRedhat 9Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Server Aus+6 more Nov 21, 2024 Mar 12, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that i...Show more The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither.Show less
CVE-2014-8129 4Apple DebianLibtiff+1 more 8Debian Linux Enterprise Linux ServerEnterprise Linux Server Aus+5 more Nov 21, 2024 Mar 12, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the Bit...Show more LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.Show less
CVE-2016-9591 3Debian Jasper ProjectRedhat 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more Nov 21, 2024 Mar 9, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer.
CVE-2018-1071 4Canonical DebianRedhat+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more Nov 21, 2024 Mar 9, 2018 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd() function. A local attacker could exploit this to cause a denial of service.
CVE-2018-1054 2Fedoraproject Redhat 4389 Directory Server Enterprise Linux DesktopEnterprise Linux Server+1 more Nov 21, 2024 Mar 7, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make n...Show more An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.Show less
CVE-2018-7740 4Canonical DebianLinux+1 more 7Debian Linux Enterprise Linux DesktopEnterprise Linux Server+4 more Nov 21, 2024 Mar 7, 2018 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument...Show more The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call.Show less
CVE-2018-5730 4Debian FedoraprojectMit+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more May 5, 2025 Mar 6, 2018 N/A· v4 3.8 LOW· v3 5.5 MEDIUM· v2 MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument,...Show more MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN.Show less
CVE-2018-5729 4Debian FedoraprojectMit+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more May 5, 2025 Mar 6, 2018 N/A· v4 4.7 MEDIUM· v3 6.5 MEDIUM· v2 MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagg...Show more MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module.Show less
CVE-2018-7727 2Gdraheim Redhat 4Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Workstation+1 more Jul 10, 2025 Mar 6, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in ZZIPlib 0.13.68. There is a memory leak triggered in the function zzip_mem_disk_new in memdisk.c, which will lead to a denial of service attack.
CVE-2018-7726 3Canonical GdraheimRedhat 5Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Workstation+2 more Jul 10, 2025 Mar 6, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in ZZIPlib 0.13.68. There is a bus error caused by the __zzip_parse_root_directory function of zip.c. Attackers could leverage this vulnerability to cause a denial of service via a crafted zip fil...Show more An issue was discovered in ZZIPlib 0.13.68. There is a bus error caused by the __zzip_parse_root_directory function of zip.c. Attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.Show less

Previous 1...454647...95 Next