Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux Hpc Node
Total 149 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-2301 6 Apple, Canonical, Debian and 3 more 11 Mac Os X, Ubuntu Linux, Debian Linux and 8 more 2022-08-16 7.5 HIGH N/A
Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file.
CVE-2015-4819 6 Canonical, Debian, Fedoraproject and 3 more 14 Ubuntu Linux, Debian Linux, Fedora and 11 more 2022-07-01 7.2 HIGH N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs.
CVE-2012-1703 3 Mariadb, Oracle, Redhat 7 Mariadb, Mysql, Enterprise Linux Desktop and 4 more 2022-07-01 6.8 MEDIUM N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1690.
CVE-2015-4142 3 Opensuse, Redhat, W1.fi 7 Opensuse, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 4 more 2022-05-17 4.3 MEDIUM N/A
Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read.
CVE-2016-0636 2 Oracle, Redhat 7 Jdk, Jre, Enterprise Linux Desktop and 4 more 2022-05-13 9.3 HIGH 8.1 HIGH
Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-component.
CVE-2016-0695 2 Oracle, Redhat 12 Jdk, Jre, Jrockit and 9 more 2022-05-13 2.6 LOW 5.9 MEDIUM
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.
CVE-2015-8540 4 Debian, Fedoraproject, Libpng and 1 more 7 Debian Linux, Fedora, Libpng and 4 more 2021-06-29 9.3 HIGH 8.8 HIGH
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.
CVE-2016-6489 3 Canonical, Nettle Project, Redhat 6 Ubuntu Linux, Nettle, Enterprise Linux Desktop and 3 more 2020-11-16 5.0 MEDIUM 7.5 HIGH
The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.
CVE-2016-0764 1 Redhat 5 Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Server and 2 more 2020-07-01 2.1 LOW 6.2 MEDIUM
Race condition in Network Manager before 1.0.12 as packaged in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows local users to obtain sensitive connection information by reading temporary files during ifcfg and keyfile changes.
CVE-2014-4344 3 Debian, Mit, Redhat 6 Debian Linux, Kerberos 5, Enterprise Linux Desktop and 3 more 2020-01-21 7.8 HIGH N/A
The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty continuation token at a certain point during a SPNEGO negotiation.
CVE-2014-4343 3 Debian, Mit, Redhat 6 Debian Linux, Kerberos 5, Enterprise Linux Desktop and 3 more 2020-01-21 7.6 HIGH N/A
Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.10.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via network traffic that appears to come from an intended acceptor, but specifies a security mechanism different from the one proposed by the initiator.
CVE-2014-4342 3 Debian, Mit, Redhat 7 Debian Linux, Kerberos, Kerberos 5 and 4 more 2020-01-21 5.0 MEDIUM N/A
MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session.
CVE-2016-4809 3 Libarchive, Oracle, Redhat 9 Libarchive, Linux, Enterprise Linux Desktop and 6 more 2019-12-27 5.0 MEDIUM 7.5 HIGH
The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.
CVE-2016-5418 3 Libarchive, Oracle, Redhat 10 Libarchive, Linux, Enterprise Linux Desktop and 7 more 2019-12-27 5.0 MEDIUM 7.5 HIGH
The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.
CVE-2016-5844 3 Libarchive, Oracle, Redhat 10 Libarchive, Linux, Solaris and 7 more 2019-12-27 4.3 MEDIUM 6.5 MEDIUM
Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.
CVE-2016-7166 3 Libarchive, Oracle, Redhat 9 Libarchive, Linux, Enterprise Linux Desktop and 6 more 2019-12-27 4.3 MEDIUM 5.5 MEDIUM
libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.
CVE-2015-4024 5 Apple, Hp, Oracle and 2 more 12 Mac Os X, System Management Homepage, Linux and 9 more 2019-12-27 5.0 MEDIUM N/A
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.
CVE-2016-0609 6 Canonical, Debian, Mariadb and 3 more 16 Ubuntu Linux, Debian Linux, Mariadb and 13 more 2019-12-27 1.7 LOW N/A
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges.
CVE-2015-3330 4 Apple, Oracle, Php and 1 more 11 Mac Os X, Linux, Solaris and 8 more 2019-12-27 6.8 MEDIUM N/A
The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP requests that result in a "deconfigured interpreter."
CVE-2016-0616 6 Canonical, Debian, Mariadb and 3 more 14 Ubuntu Linux, Debian Linux, Mariadb and 11 more 2019-12-27 4.0 MEDIUM N/A
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.