Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux Eus
Subscriptions
Total
788 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-15129 | 4 Canonical, Fedoraproject, Linux and 1 more | 22 Ubuntu Linux, Fedora, Linux Kernel and 19 more | 2024-11-21 | 4.7 Medium |
| A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely. | ||||
| CVE-2016-9901 | 2 Mozilla, Redhat | 8 Firefox, Firefox Esr, Enterprise Linux and 5 more | 2024-11-21 | N/A |
| HTML tags received from the Pocket server will be processed without sanitization and any JavaScript code executed will be run in the "about:pocket-saved" (unprivileged) page, giving it access to Pocket's messaging API through HTML injection. This vulnerability affects Firefox ESR < 45.6 and Firefox < 50.1. | ||||
| CVE-2016-2124 | 5 Canonical, Debian, Fedoraproject and 2 more | 26 Ubuntu Linux, Debian Linux, Fedora and 23 more | 2024-11-21 | 5.9 Medium |
| A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required. | ||||
| CVE-2015-5160 | 2 Libvirt, Redhat | 11 Libvirt, Enterprise Linux, Enterprise Linux Desktop and 8 more | 2024-11-21 | N/A |
| libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing. | ||||
| CVE-2015-1931 | 3 Ibm, Redhat, Suse | 10 Java Sdk, Enterprise Linux Desktop, Enterprise Linux Eus and 7 more | 2024-11-21 | 5.5 Medium |
| IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by reading a file. | ||||
| CVE-2014-0148 | 2 Qemu, Redhat | 11 Qemu, Enterprise Linux, Enterprise Linux Desktop and 8 more | 2024-11-21 | 5.5 Medium |
| Qemu before 2.0 block driver for Hyper-V VHDX Images is vulnerable to infinite loops and other potential issues when calculating BAT entries, due to missing bounds checks for block_size and logical_sector_size variables. These are used to derive other fields like 'sectors_per_block' etc. A user able to alter the Qemu disk image could ise this flaw to crash the Qemu instance resulting in DoS. | ||||
| CVE-2014-0147 | 3 Fedoraproject, Qemu, Redhat | 12 Fedora, Qemu, Enterprise Linux and 9 more | 2024-11-21 | 6.2 Medium |
| Qemu before 1.6.2 block diver for the various disk image formats used by Bochs and for the QCOW version 2 format, are vulnerable to a possible crash caused by signed data types or a logic error while creating QCOW2 snapshots, which leads to incorrectly calling update_refcount() routine. | ||||
| CVE-2014-0144 | 2 Qemu, Redhat | 11 Qemu, Enterprise Linux, Enterprise Linux Desktop and 8 more | 2024-11-21 | 8.6 High |
| QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privileges of the QEMU process. | ||||