Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_linux_server
(Redhat)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2012-06-05 | CVE-2012-0260 | The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers. | Ubuntu_linux, Debian_linux, Imagemagick, Opensuse, Enterprise_linux_aus, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_eus, Enterprise_linux_workstation, Storage | N/A | ||
| 2012-06-05 | CVE-2012-0248 | ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF. | Ubuntu_linux, Debian_linux, Imagemagick, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation, Storage | N/A | ||
| 2012-06-05 | CVE-2012-0247 | ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image. | Ubuntu_linux, Debian_linux, Imagemagick, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation, Storage | N/A | ||
| 2010-12-07 | CVE-2010-4494 | Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. | Openoffice, Iphone_os, Itunes, Mac_os_x, Safari, Debian_linux, Fedora, Chrome, Insight_control_server_deployment, Rapid_deployment_pack, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation, Suse_linux_enterprise_server, Libxml2 | N/A | ||
| 2018-05-10 | CVE-2017-18267 | The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops. | Ubuntu_linux, Debian_linux, Poppler, Ansible_tower, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 5.5 | ||
| 2018-03-30 | CVE-2018-7566 | The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user. | Ubuntu_linux, Debian_linux, Linux_kernel, Communications_eagle_application_processor, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Linux_enterprise_module_for_public_cloud, Linux_enterprise_server | 7.8 | ||
| 2018-04-17 | CVE-2018-6798 | An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale dependent regular expression can cause a heap-based buffer over-read and potentially information disclosure. | Ubuntu_linux, Debian_linux, Perl, Enterprise_linux_server, Enterprise_linux_workstation | 7.5 | ||
| 2018-04-17 | CVE-2018-6797 | An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written. | Ubuntu_linux, Debian_linux, Perl, Enterprise_linux_server, Enterprise_linux_workstation | 9.8 | ||
| 2018-01-18 | CVE-2016-6814 | When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects were subject to this vulnerability. | Groovy, Enterprise_linux_server | 9.8 | ||
| 2018-02-01 | CVE-2018-6485 | An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption. | Glibc, Cloud_backup, Data_ontap_edge, Element_software, Element_software_management, Steelstore_cloud_integrated_storage, Storage_replication_adapter, Vasa_provider, Virtual_storage_console, Communications_session_border_controller, Enterprise_communications_broker, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Virtualization_host | 9.8 |