Enterprise Linux Workstation

enterprise_linux_workstation

Vendor: Redhat • 1,845 CVEs

CVEs (1,845)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2015-0382 7Canonical DebianFedoraproject+4 more 17Communications Policy Management Debian LinuxEnterprise Linux Desktop+14 more May 6, 2026 Jan 21, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability tha...Show more Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381.Show less
CVE-2015-0381 7Canonical DebianFedoraproject+4 more 17Communications Policy Management Debian LinuxEnterprise Linux Desktop+14 more May 6, 2026 Jan 21, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability tha...Show more Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0382.Show less
CVE-2015-0374 7Canonical DebianFedoraproject+4 more 16Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+13 more May 6, 2026 Jan 21, 2015 N/A· v4 N/A· v3 3.5 LOW· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Forei...Show more Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.Show less
CVE-2014-6568 7Canonical DebianFedoraproject+4 more 16Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+13 more May 6, 2026 Jan 21, 2015 N/A· v4 N/A· v3 3.5 LOW· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.
CVE-2014-9585 7Canonical DebianFedoraproject+4 more 19Debian Linux Enterprise Linux AusEnterprise Linux Desktop+16 more May 6, 2026 Jan 9, 2015 N/A· v4 N/A· v3 2.1 LOW· v2 The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism...Show more The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD.Show less
CVE-2014-9584 7Canonical DebianLinux+4 more 19Debian Linux Enterprise Linux AusEnterprise Linux Desktop+16 more May 6, 2026 Jan 9, 2015 N/A· v4 N/A· v3 2.1 LOW· v2 The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sen...Show more The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel memory via a crafted iso9660 image.Show less
CVE-2014-9529 6Canonical DebianFedoraproject+3 more 11Debian Linux Enterprise Linux DesktopEnterprise Linux Server+8 more May 6, 2026 Jan 9, 2015 N/A· v4 N/A· v3 6.9 MEDIUM· v2 Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other i...Show more Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key.Show less
CVE-2014-7300 2Gnome Redhat 5Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Server+2 more May 6, 2026 Dec 25, 2014 N/A· v4 N/A· v3 7.2 HIGH· v2 GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary comma...Show more GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer.Show less
CVE-2014-8136 4Canonical MageiaOpensuse+1 more 8Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Server+5 more May 6, 2026 Dec 19, 2014 N/A· v4 N/A· v3 2.1 LOW· v2 The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unsp...Show more The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors.Show less
CVE-2014-8108 3Apache AppleRedhat 6Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Server+3 more May 6, 2026 Dec 18, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a UR...Show more The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist.Show less
CVE-2014-3580 4Apache AppleDebian+1 more 8Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+5 more May 6, 2026 Dec 18, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT requ...Show more The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.Show less
CVE-2014-5353 7Canonical DebianFedoraproject+4 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+9 more May 6, 2026 Dec 16, 2014 N/A· v4 N/A· v3 3.5 LOW· v2 The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial...Show more The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy.Show less
CVE-2014-8964 6Fedoraproject MariadbOpensuse+3 more 11Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+8 more May 6, 2026 Dec 16, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero...Show more Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats.Show less
CVE-2014-7840 2Qemu Redhat 7Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+4 more May 6, 2026 Dec 12, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data.
CVE-2014-9273 3Debian OpensuseRedhat 6Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Server+3 more May 6, 2026 Dec 8, 2014 N/A· v4 N/A· v3 4.6 MEDIUM· v2 lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write.
CVE-2012-6662 2Jqueryui Redhat 5Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Server+2 more May 6, 2026 Nov 24, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title...Show more Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo.Show less
CVE-2014-4975 4Canonical DebianRedhat+1 more 7Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+4 more May 6, 2026 Nov 15, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentat...Show more Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow.Show less
CVE-2014-8567 2Redhat Uninett 7Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Server Aus+4 more May 6, 2026 Nov 14, 2014 N/A· v4 N/A· v3 9.4 HIGH· v2 The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logout request that triggers a read of uninitialized data.
CVE-2014-7815 5Canonical DebianQemu+2 more 11Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+8 more May 6, 2026 Nov 14, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.
CVE-2014-8564 4Canonical GnuOpensuse+1 more 7Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Server+4 more May 6, 2026 Nov 13, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted...Show more The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR), related to generating key IDs.Show less

Previous 1...757677...93 Next