Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux Workstation
Total 1787 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-4599 2 Php, Redhat 7 Php, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 4 more 2018-01-04 10.0 HIGH 9.8 CRITICAL
The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue.
CVE-2015-4600 2 Php, Redhat 7 Php, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 4 more 2018-01-04 10.0 HIGH 9.8 CRITICAL
The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in the (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies, and (6) SoapClient::__setCookie methods.
CVE-2016-4302 2 Libarchive, Redhat 8 Libarchive, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 5 more 2017-11-03 6.8 MEDIUM 7.8 HIGH
Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.
CVE-2016-4300 2 Libarchive, Redhat 8 Libarchive, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 5 more 2017-11-03 6.8 MEDIUM 7.8 HIGH
Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large number of substreams, which triggers a heap-based buffer overflow.
CVE-2015-5261 4 Canonical, Debian, Redhat and 1 more 9 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 6 more 2017-09-15 3.6 LOW 7.1 HIGH
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation.
CVE-2015-8317 5 Canonical, Debian, Hp and 2 more 9 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 6 more 2017-09-13 5.0 MEDIUM N/A
The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.
CVE-2015-8241 5 Canonical, Debian, Hp and 2 more 9 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 6 more 2017-09-13 6.4 MEDIUM N/A
The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
CVE-2014-4975 4 Canonical, Debian, Redhat and 1 more 7 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 4 more 2017-08-28 5.0 MEDIUM N/A
Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow.
CVE-2012-6137 1 Redhat 9 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Eus and 6 more 2017-08-28 4.3 MEDIUM N/A
rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which allows remote man-in-the-middle attackers to obtain sensitive information such as user credentials.
CVE-2016-7796 3 Novell, Redhat, Systemd Project 9 Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Suse Linux Enterprise Server For Sap and 6 more 2017-07-27 4.9 MEDIUM 5.5 MEDIUM
The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled.
CVE-2015-7981 4 Canonical, Debian, Libpng and 1 more 10 Ubuntu Linux, Debian Linux, Libpng and 7 more 2017-06-30 5.0 MEDIUM N/A
The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.
CVE-2016-7050 1 Redhat 4 Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Server and 1 more 2017-06-16 7.5 HIGH 9.8 CRITICAL
SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execute arbitrary code.
CVE-2016-5410 2 Firewalld, Redhat 5 Firewalld, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 2 more 2017-04-25 2.1 LOW 5.5 MEDIUM
firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry, or (5) setEntries D-Bus API method.
CVE-2016-4989 2 Redhat, Setroubleshoot Project 5 Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Server and 2 more 2017-04-17 6.9 MEDIUM 7.0 HIGH
setroubleshoot allows local users to bypass an intended container protection mechanism and execute arbitrary commands by (1) triggering an SELinux denial with a crafted file name, which is handled by the _set_tpath function in audit_data.py or via a crafted (2) local_id or (3) analysis_id field in a crafted XML document to the run_fix function in SetroubleshootFixit.py, related to the subprocess.check_output and commands.getstatusoutput functions, a different vulnerability than CVE-2016-4445.
CVE-2016-4446 2 Redhat, Setroubleshoot Project 5 Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Server and 2 more 2017-04-17 6.9 MEDIUM 7.0 HIGH
The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function.
CVE-2016-4445 2 Redhat, Setroubleshoot Project 5 Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Server and 2 more 2017-04-17 6.9 MEDIUM 7.0 HIGH
The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to executing external commands with the commands.getstatusoutput function.
CVE-2016-4444 2 Redhat, Setroubleshoot Project 5 Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Server and 2 more 2017-04-17 6.9 MEDIUM 7.0 HIGH
The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function.
CVE-2014-8108 3 Apache, Apple, Redhat 6 Subversion, Xcode, Enterprise Linux Desktop and 3 more 2017-01-02 5.0 MEDIUM N/A
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist.
CVE-2014-3580 4 Apache, Apple, Debian and 1 more 8 Subversion, Xcode, Debian Linux and 5 more 2016-12-23 5.0 MEDIUM N/A
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
CVE-2016-7091 1 Redhat 5 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 2 more 2016-12-23 4.9 MEDIUM 4.4 MEDIUM
sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo.