Enterprise_linux - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Enterprise_linux
(Redhat)

Repositories

• https://github.com/torvalds/linux
• https://github.com/Perl/perl5
• https://github.com/ceph/ceph
• https://github.com/ClusterLabs/pcs
• https://github.com/mjg59/linux

• https://github.com/apache/httpd
• https://github.com/opencontainers/runc
• https://github.com/bonzini/qemu
• https://github.com/codehaus-plexus/plexus-archiver
• https://github.com/openssh/openssh-portable
• https://github.com/kyz/libmspack
• https://github.com/git/git
• https://github.com/mysql/mysql-server
• https://github.com/neomutt/neomutt
• https://github.com/php/php-src
• https://github.com/vadz/libtiff
• https://github.com/numpy/numpy
• https://github.com/bagder/curl
• https://github.com/ClusterLabs/pacemaker
• https://github.com/hercules-team/augeas

#Vulnerabilities

1678

Date	Id	Summary	Products	Score	Patch	Annotated
2004-12-06	CVE-2004-0633	The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.	Ethereal, Linux, Mandrake_linux, Enterprise_linux, Linux_advanced_workstation	N/A
2004-12-15	CVE-2004-1142	Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.	Alt_linux, Linux, Debian_linux, Ethereal, Enterprise_linux, Enterprise_linux_desktop, Linux_advanced_workstation, Propack, Suse_linux	N/A
2004-12-15	CVE-2004-1139	Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).	Alt_linux, Linux, Debian_linux, Ethereal, Enterprise_linux, Enterprise_linux_desktop, Linux_advanced_workstation, Propack, Suse_linux	N/A
2005-03-08	CVE-2005-0699	Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.	Alt_linux, Linux, Ethereal, Enterprise_linux, Enterprise_linux_desktop, Linux_advanced_workstation	N/A
2006-10-10	CVE-2006-4997	The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference).	Ubuntu_linux, Linux_kernel, Enterprise_linux	7.5
2004-08-18	CVE-2004-0421	The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.	Libpng, Openpkg, Enterprise_linux, Enterprise_linux_desktop, Libpng, Secure_linux	N/A
2009-04-09	CVE-2009-0846	The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer.	Mac_os_x, Ubuntu_linux, Fedora, Kerberos_5, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation	N/A
2018-01-09	CVE-2017-15129	A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege...	Ubuntu_linux, Fedora, Linux_kernel, Enterprise_linux, Enterprise_linux_compute_node_eus, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_power_big_endian_eus, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_for_real_time, Enterprise_linux_for_real_time_for_nfv, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_server_update_services_for_sap_solutions, Enterprise_linux_workstation	4.7
2010-03-05	CVE-2010-0302	Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. NOTE: this...	Cups, Mac_os_x, Mac_os_x_server, Ubuntu_linux, Fedora, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation	7.5
2005-02-09	CVE-2004-0977	The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.	Mandrake_linux, Mandrake_linux_corporate_server, Postgresql, Enterprise_linux, Enterprise_linux_desktop, Secure_linux	N/A