Product:

Enterprise_linux_workstation

(Redhat)
Repositories https://github.com/torvalds/linux
https://github.com/krb5/krb5
https://github.com/ceph/ceph
https://github.com/libarchive/libarchive
https://github.com/kyz/libmspack
https://github.com/LibRaw/LibRaw
https://github.com/rubygems/rubygems
https://github.com/madler/zlib
https://github.com/fedora-selinux/setroubleshoot
https://github.com/mdadams/jasper
https://github.com/ntp-project/ntp
https://github.com/neomutt/neomutt
https://github.com/mm2/Little-CMS
https://github.com/openbsd/src
https://github.com/abrt/abrt
https://github.com/mysql/mysql-server
https://github.com/dajobe/raptor
https://github.com/qos-ch/slf4j
• git://git.openssl.org/openssl.git
https://github.com/uclouvain/openjpeg
https://github.com/SELinuxProject/selinux
https://github.com/FreeRDP/FreeRDP
https://github.com/Perl/perl5
https://github.com/codehaus-plexus/plexus-archiver
https://github.com/jpirko/libndp
https://github.com/candlepin/subscription-manager
https://github.com/dogtagpki/pki
https://github.com/szukw000/openjpeg
https://github.com/rpm-software-management/yum-utils
https://github.com/sosreport/sos-collector
https://github.com/requests/requests
https://github.com/glennrp/libpng
https://github.com/paramiko/paramiko
https://github.com/mjg59/linux
https://github.com/ImageMagick/ImageMagick
https://github.com/git/git
https://github.com/karelzak/util-linux
https://github.com/GNOME/evince
https://git.savannah.gnu.org/git/patch.git
https://github.com/UNINETT/mod_auth_mellon
https://github.com/flori/json
https://github.com/flatpak/flatpak
https://github.com/libguestfs/hivex
https://github.com/vadz/libtiff
https://github.com/jquery/jquery-ui
#Vulnerabilities 1815
Date Id Summary Products Score Patch Annotated
2015-12-02 CVE-2015-8391 The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. Fedora, Linux, Pcre, Php, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation 9.8
2018-09-25 CVE-2018-14633 A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may... Ubuntu_linux, Debian_linux, Linux_kernel, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation 7.0
2005-08-05 CVE-2005-1268 Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte. Http_server, Debian_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation N/A
2005-10-25 CVE-2005-2970 Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections. Http_server, Ubuntu_linux, Fedora_core, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation N/A
2008-06-13 CVE-2008-2364 The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses. Http_server, Ubuntu_linux, Fedora, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation N/A
2008-08-08 CVE-2008-3272 The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information. Ubuntu_linux, Debian_linux, Linux_kernel, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation N/A
2009-07-05 CVE-2009-1890 The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests. Http_server, Ubuntu_linux, Debian_linux, Fedora, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_workstation N/A
2009-07-10 CVE-2009-1891 The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption). Http_server, Ubuntu_linux, Debian_linux, Fedora, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_workstation N/A
2009-10-20 CVE-2009-2910 arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode. Ubuntu_linux, Fedora, Linux_kernel, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation, Virtualization, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2010-12-23 CVE-2010-3881 arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device. Linux_kernel, Enterprise_linux_server, Enterprise_linux_workstation, Suse_linux_enterprise_desktop, Suse_linux_enterprise_high_availability_extension, Suse_linux_enterprise_server N/A