||8 Enterprise Linux Desktop, Enterprise Linux, Enterprise Linux Server Aus and 5 more
|The calloc function in the glibc package in Red Hat Enterprise Linux (RHEL) 6.7 and 7.2 does not properly initialize memory areas, which might allow context-dependent attackers to cause a denial of service (hang or crash) via unspecified vectors.
||2 Openldap, Redhat
||5 Enterprise Linux Server, Enterprise Linux Desktop, Enterprise Linux Workstation and 2 more
|The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have...
||2 Fedoraproject, Redhat
||6 389 Directory Server, Enterprise Linux Desktop, Enterprise Linux and 3 more
|slapd/connection.c in 389 Directory Server (formerly Fedora Directory Server) 1.3.4.x before 22.214.171.124 allows remote attackers to cause a denial of service (infinite loop and connection blocking) by leveraging an abnormally closed connection.
||4 Libndp, Debian, Canonical and 1 more
||10 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 7 more
|libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network...
||3 Linux, Novell, Redhat
||8 Linux Kernel, Enterprise Linux Desktop, Enterprise Linux and 5 more
|The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.
||2 Gnome, Redhat
||5 Gnome-shell, Enterprise Linux Server, Enterprise Linux Desktop and 2 more
|GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended...
||2 Virt-who Project, Redhat
||4 Enterprise Linux Desktop, Enterprise Linux Workstation, Virt-who and 1 more
|virt-who uses world-readable permissions for /etc/sysconfig/virt-who, which allows local users to obtain passwords for hypervisors by reading the file.
||3 Linux, Canonical, Redhat
||6 Ubuntu Linux, Linux Kernel, Enterprise Linux Desktop and 3 more
|The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the...
||3 Canonical, Isc, Redhat
||8 Ubuntu Linux, Enterprise Linux Desktop, Enterprise Linux Server Aus and 5 more
|ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named...
||3 Libwpd, Apache, Redhat
||4 Enterprise Linux Optional Productivity Applications, Libwpd, Enterprise Linux Desktop and 1 more
|The WPXContentListener::_closeTableRow function in WPXContentListener.cpp in libwpd 0.8.8, as used by OpenOffice.org (OOo) before 3.4, allows remote attackers to execute arbitrary code via a crafted WordPerfect .WPD document that causes a...