Enterprise Linux Workstation

enterprise_linux_workstation

Vendor: Redhat • 1,845 CVEs

CVEs (1,845)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2015-7704 6Citrix DebianMcafee+3 more 14Clustered Data Ontap Data OntapDebian Linux+11 more May 13, 2026 Aug 7, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
CVE-2015-7702 5Debian NetappNtp+2 more 13Clustered Data Ontap Data OntapDebian Linux+10 more May 13, 2026 Aug 7, 2017 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9...Show more The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.Show less
CVE-2015-7701 5Debian NetappNtp+2 more 13Clustered Data Ontap Data OntapDebian Linux+10 more May 13, 2026 Aug 7, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).
CVE-2015-7692 5Debian NetappNtp+2 more 13Clustered Data Ontap Data OntapDebian Linux+10 more May 13, 2026 Aug 7, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9...Show more The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.Show less
CVE-2015-7691 5Debian NetappNtp+2 more 13Clustered Data Ontap Data OntapDebian Linux+10 more May 13, 2026 Aug 7, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This...Show more The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.Show less
CVE-2017-10664 3Debian QemuRedhat 10Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+7 more May 13, 2026 Aug 2, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.
CVE-2016-8743 4Apache DebianNetapp+1 more 11Clustered Data Ontap Debian LinuxEnterprise Linux Desktop+8 more May 13, 2026 Jul 27, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security conc...Show more Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution.Show less
CVE-2015-3149 1Redhat 7Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Hpc Node Eus+4 more May 13, 2026 Jul 25, 2017 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 The Hotspot component in OpenJDK8 as packaged in Red Hat Enterprise Linux 6 and 7 allows local users to write to arbitrary files via a symlink attack.
CVE-2017-7980 4Canonical DebianQemu+1 more 11Debian Linux Enterprise Linux DesktopEnterprise Linux Server+8 more May 13, 2026 Jul 25, 2017 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC...Show more Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation.Show less
CVE-2015-7703 5Debian NetappNtp+2 more 13Clustered Data Ontap Data OntapDebian Linux+10 more May 13, 2026 Jul 24, 2017 N/A· v4 7.5 HIGH· v3 4.3 MEDIUM· v2 The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send...Show more The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command.Show less
CVE-2015-5300 7Canonical DebianFedoraproject+4 more 20Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+17 more May 13, 2026 Jul 21, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time wh...Show more The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).Show less
CVE-2015-5219 10Canonical DebianFedoraproject+7 more 18Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+15 more May 13, 2026 Jul 21, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a craft...Show more The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.Show less
CVE-2015-5195 5Canonical DebianFedoraproject+2 more 8Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+5 more May 13, 2026 Jul 21, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation.
CVE-2015-5194 6Canonical DebianFedoraproject+3 more 13Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+10 more May 13, 2026 Jul 21, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.
CVE-2017-10978 3Debian FreeradiusRedhat 8Debian Linux Enterprise Linux DesktopEnterprise Linux Server+5 more May 13, 2026 Jul 17, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service.
CVE-2017-1000050 4Canonical FedoraprojectJasper Project+1 more 6Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Workstation+3 more May 13, 2026 Jul 17, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed to check to see if the image contained at least one component resulting in a denial-of-service.
CVE-2017-9788 6Apache AppleDebian+3 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Server+12 more May 13, 2026 Jul 13, 2017 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_d...Show more In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.Show less
CVE-2017-9776 3Debian FreedesktopRedhat 8Debian Linux Enterprise Linux DesktopEnterprise Linux Server+5 more May 13, 2026 Jun 22, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact v...Show more Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.Show less
CVE-2017-9775 3Debian FreedesktopRedhat 8Debian Linux Enterprise Linux DesktopEnterprise Linux Server+5 more May 13, 2026 Jun 22, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document.
CVE-2017-7668 6Apache AppleDebian+3 more 13Clustered Data Ontap Debian LinuxEnterprise Linux Desktop+10 more May 13, 2026 Jun 20, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence...Show more The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.Show less

Previous 1...555657...93 Next