Enterprise Linux Workstation

enterprise_linux_workstation

Vendor: Redhat • 1,845 CVEs

CVEs (1,845)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2014-1532 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Apr 30, 2014 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows...Show more Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to host resolution.Show less
CVE-2014-1531 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Apr 30, 2014 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote att...Show more Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving an imgLoader object that is not properly handled during an image-resize operation.Show less
CVE-2014-1530 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Apr 30, 2014 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI...Show more The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks, via a crafted web site that performs history navigation.Show less
CVE-2014-1529 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Apr 30, 2014 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execu...Show more The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted.Show less
CVE-2014-1524 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Apr 30, 2014 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects,...Show more The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted JavaScript code that accesses a non-XBL object as if it were an XBL object.Show less
CVE-2014-1523 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Apr 30, 2014 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (o...Show more Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image.Show less
CVE-2014-1518 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Apr 30, 2014 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of serv...Show more Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.Show less
CVE-2014-2440 3Mariadb OracleRedhat 9Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+6 more May 6, 2026 Apr 16, 2014 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Unspecified vulnerability in the MySQL Client component in Oracle MySQL 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2014-2438 3Mariadb OracleRedhat 8Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+5 more May 6, 2026 Apr 16, 2014 N/A· v4 N/A· v3 3.5 LOW· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.
CVE-2014-2436 3Mariadb OracleRedhat 9Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+6 more May 6, 2026 Apr 16, 2014 N/A· v4 N/A· v3 6.5 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR.
CVE-2014-2432 3Mariadb OracleRedhat 9Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+6 more May 6, 2026 Apr 16, 2014 N/A· v4 N/A· v3 2.8 LOW· v2 Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.
CVE-2014-2431 3Mariadb OracleRedhat 9Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+6 more May 6, 2026 Apr 16, 2014 N/A· v4 N/A· v3 2.6 LOW· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.
CVE-2014-2430 3Mariadb OracleRedhat 9Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+6 more May 6, 2026 Apr 16, 2014 N/A· v4 N/A· v3 3.5 LOW· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.
CVE-2014-2419 3Mariadb OracleRedhat 9Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+6 more May 6, 2026 Apr 16, 2014 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
CVE-2014-0384 3Mariadb OracleRedhat 8Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+5 more May 6, 2026 Apr 16, 2014 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML.
CVE-2013-5704 5Apache AppleCanonical+2 more 15Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+12 more May 6, 2026 Apr 15, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the...Show more The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."Show less
CVE-2014-0160 13Broadcom CanonicalDebian+10 more 28Application Processing Engine Firmware Cp 1543 1 FirmwareDebian Linux+25 more Apr 21, 2026 Apr 7, 2014 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted pa...Show more The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.Show less
CVE-2014-2497 6Canonical DebianOracle+3 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+9 more May 6, 2026 Mar 21, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in...Show more The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file.Show less
CVE-2014-1514 6Canonical DebianMozilla+3 more 16Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+13 more May 6, 2026 Mar 19, 2014 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which...Show more vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.Show less
CVE-2014-1513 6Canonical DebianMozilla+3 more 16Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+13 more May 6, 2026 Mar 19, 2014 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which a...Show more TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site.Show less

Previous 1...777879...93 Next