Vulnerabilities (CVE)

Vendor filter: Redhat

Product filter: Enterprise Linux

678 total CVE
CVE | Vendors | Products | Updated | CVSS

CVE-2016-0741 | Vendors (2): Fedoraproject, Redhat | Products (6): 389 Directory Server, Enterprise Linux Desktop, Enterprise Linux and 3 more | Updated: 2016-10-12 | CVSS: 7.8
slapd/connection.c in 389 Directory Server (formerly Fedora Directory Server) 1.3.4.x before 1.3.4.7 allows remote attackers to cause a denial of service (infinite loop and connection blocking) by leveraging an abnormally closed connection.

CVE-2012-2313 | Vendors (3): Linux, Novell, Redhat | Products (8): Linux Kernel, Enterprise Linux Desktop, Enterprise Linux and 5 more | Updated: 2016-09-06 | CVSS: 1.2
The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.

CVE-2004-2771 | Vendors (4): Heirloom, Oracle, Bsd Mailx Project and 1 more | Products (4): Enterprise Linux, Bsd Mailx, Mailx and 1 more | Updated: 2014-12-29 | CVSS: 7.5
The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.

CVE-2014-0186 | Vendors (1): Redhat | Products (1): Enterprise Linux | Updated: 2014-06-16 | CVSS: 5.0
A certain tomcat7 package for Apache Tomcat 7 in Red Hat Enterprise Linux (RHEL) 7 allows remote attackers to cause a denial of service (CPU consumption) via a crafted request. NOTE: this vulnerability exists because of an unspecified regression.

CVE-2011-3346 | Vendors (3): Qemu, Xen, Redhat | Products (3): Enterprise Linux, Xen, Qemu | Updated: 2014-04-01 | CVSS: 4.0
Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest crash) via a crafted SAI READ CAPACITY SCSI...

CVE-2013-7347 | Vendors (1): Redhat | Products (2): Enterprise Linux, Conga | Updated: 2014-03-31 | CVSS: 3.7
Luci in Red Hat Conga does not properly enforce the user session timeout, which might allow attackers to gain access to the session by reading the __ac session cookie. NOTE: this issue has been SPLIT due to different vulnerability types. Use...

CVE-2012-3359 | Vendors (1): Redhat | Products (2): Enterprise Linux, Conga | Updated: 2014-03-31 | CVSS: 3.7
Luci in Red Hat Conga stores the user's username and password in a Base64 encoded string in the __ac session cookie, which allows attackers to gain privileges by accessing this cookie. NOTE: this issue has been SPLIT due to different...

CVE-2011-2482 | Vendors (2): Linux, Redhat | Products (2): Linux Kernel, Enterprise Linux | Updated: 2013-12-31 | CVSS: 7.8
A certain Red Hat patch to the sctp_sock_migrate function in net/sctp/socket.c in the Linux kernel before 2.6.21, as used in Red Hat Enterprise Linux (RHEL) 5, allows remote attackers to cause a denial of service (NULL pointer dereference and...

CVE-2011-2519 | Vendors (2): Linux, Redhat | Products (2): Enterprise Linux, Linux Kernel | Updated: 2013-12-27 | CVSS: 5.2
Xen in the Linux kernel, when running a guest on a host without hardware assisted paging (HAP), allows guest users to cause a denial of service (invalid pointer dereference and hypervisor crash) via the SAHF instruction.

CVE-2011-2942 | Vendors (2): Linux, Redhat | Products (2): Enterprise Linux, Linux Kernel | Updated: 2013-06-10 | CVSS: 6.8
A certain Red Hat patch to the __br_deliver function in net/bridge/br_forward.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or...

CVE-2012-2124 | Vendors (2): Squirrelmail, Redhat | Products (2): Squirrelmail, Enterprise Linux | Updated: 2013-01-18 | CVSS: 5.0
functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many...

CVE-2007-1865 | Vendors (1): Redhat | Products (1): Enterprise Linux | Updated: 2008-11-13 | CVSS: 1.9
** DISPUTED ** The ipv6_getsockopt_sticky function in the kernel in Red Hat Enterprise Linux (RHEL) Beta 5.1.0 allows local users to obtain sensitive information (kernel memory contents) via a negative value of the len parameter. NOTE: this...

CVE-2003-0689 | Vendors (1): Redhat | Products (1): Enterprise Linux | Updated: 2008-09-10 | CVSS: 7.5
The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow.

CVE-2007-0004 | Vendors (1): Redhat | Products (1): Enterprise Linux | Updated: 2008-09-05 | CVSS: 1.9
The NFS client implementation in the kernel in Red Hat Enterprise Linux (RHEL) 3, when a filesystem is mounted with the noacl option, checks permissions for the open system call via vfs_permission (mode bits) data rather than an NFS ACCESS call...

CVE-2005-1061 | Vendors (2): Logwatch, Redhat | Products (3): Enterprise Linux, Logwatch, Linux Advanced Workstation | Updated: 2008-09-05 | CVSS: 5.0
The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka...

CVE-2005-0667 | Vendors (5): Gentoo, Altlinux, Sylpheed and 2 more | Products (7): Linux Advanced Workstation, Linux, Sylpheed and 4 more | Updated: 2008-09-05 | CVSS: 5.1
Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user...

CVE-2003-1295 | Vendors (2): Suse, Redhat | Products (2): Suse Linux, Enterprise Linux | Updated: 2008-09-05 | CVSS: 2.1
Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password."

CVE-2003-0857 | Vendors (1): Redhat | Products (1): Enterprise Linux | Updated: 2008-09-05 | CVSS: 4.6
The (1) ipq_read and (2) ipulog_read functions in iptables allow local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.