Enterprise Linux Workstation

enterprise_linux_workstation

Vendor: Redhat • 1,845 CVEs

CVEs (1,845)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2015-1241 6Canonical DebianGoogle+3 more 11Chrome Debian LinuxEnterprise Linux Desktop+8 more May 6, 2026 Apr 19, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a c...Show more Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack.Show less
CVE-2015-2573 6Canonical DebianMariadb+3 more 14Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+11 more May 6, 2026 Apr 16, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.
CVE-2015-2571 6Canonical DebianMariadb+3 more 14Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+11 more May 6, 2026 Apr 16, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.
CVE-2015-2568 6Canonical DebianMariadb+3 more 15Communications Policy Management Debian LinuxEnterprise Linux Desktop+12 more May 6, 2026 Apr 16, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.
CVE-2015-0505 6Canonical DebianMariadb+3 more 14Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+11 more May 6, 2026 Apr 16, 2015 N/A· v4 N/A· v3 3.5 LOW· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.
CVE-2015-0501 7Canonical DebianJuniper+4 more 14Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+11 more May 6, 2026 Apr 16, 2015 N/A· v4 N/A· v3 5.7 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.
CVE-2015-0499 6Canonical DebianMariadb+3 more 14Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+11 more May 6, 2026 Apr 16, 2015 N/A· v4 N/A· v3 3.5 LOW· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.
CVE-2015-0441 6Canonical DebianMariadb+3 more 13Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+10 more May 6, 2026 Apr 16, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.
CVE-2015-0433 6Canonical DebianMariadb+3 more 15Communications Policy Management Debian LinuxEnterprise Linux Desktop+12 more May 6, 2026 Apr 16, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML.
CVE-2015-3043 4Adobe NovellOpensuse+1 more 11Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+8 more Apr 21, 2026 Apr 14, 2015 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption...Show more Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in April 2015, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, and CVE-2015-3042.Show less
CVE-2015-0251 5Apache AppleOpensuse+2 more 9Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Server+6 more May 6, 2026 Apr 8, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences.
CVE-2015-0248 5Apache AppleOpensuse+2 more 9Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Server+6 more May 6, 2026 Apr 8, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combination...Show more The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers.Show less
CVE-2015-2808 9Canonical DebianFujitsu+6 more 619700 Firmware Cognos Metrics ManagerCommunications Application Session Controller+58 more May 28, 2026 Apr 1, 2015 N/A· v4 3.7 LOW· v3 5.0 MEDIUM· v2 The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recover...Show more The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.Show less
CVE-2015-2787 4Apple OpensusePhp+1 more 9Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Hpc Node Eus+6 more May 6, 2026 Mar 30, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via...Show more Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231.Show less
CVE-2015-2348 4Apple OpensusePhp+1 more 9Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Hpc Node Eus+6 more May 6, 2026 Mar 30, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character, which allows remote attac...Show more The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character, which allows remote attackers to bypass intended extension restrictions and create files with unexpected names via a crafted second argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.Show less
CVE-2015-2301 6Apple CanonicalDebian+3 more 11Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+8 more May 6, 2026 Mar 30, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact...Show more Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file.Show less
CVE-2014-8169 3Automount Project OpensuseRedhat 6Automount Enterprise Linux DesktopEnterprise Linux Hpc Node+3 more May 6, 2026 Mar 18, 2015 N/A· v4 N/A· v3 4.4 MEDIUM· v2 automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped program, which allows lo...Show more automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped program, which allows local users to gain privileges via a Trojan horse program in the user home directory.Show less
CVE-2015-0239 5Canonical DebianLinux+2 more 7Debian Linux Enterprise Linux DesktopEnterprise Linux Server+4 more May 6, 2026 Mar 2, 2015 N/A· v4 N/A· v3 4.4 MEDIUM· v2 The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (g...Show more The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment for emulation of a SYSENTER instruction.Show less
CVE-2014-8160 6Canonical DebianLinux+3 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Server+12 more May 6, 2026 Mar 2, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows...Show more net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers.Show less
CVE-2014-9675 6Canonical DebianFedoraproject+3 more 11Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+8 more May 6, 2026 Feb 8, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechani...Show more bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.Show less

Previous 1...737475...93 Next