VYPR

Enterprise Linux Hpc Node

by Red Hat

CVEs (143)

  • CVE-2015-4603CriMay 16, 2016
    risk 0.65cvss 9.8epss 0.11

    The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a "type confusion" issue.

  • CVE-2015-4602CriMay 16, 2016
    risk 0.65cvss 9.8epss 0.11

    The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type,…

  • CVE-2015-4600CriMay 16, 2016
    risk 0.65cvss 9.8epss 0.11

    The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in the (1)…

  • CVE-2015-4599CriMay 16, 2016
    risk 0.65cvss 9.8epss 0.11

    The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data…

  • CVE-2016-7050CriJun 8, 2017
    risk 0.64cvss 9.8epss 0.05

    SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execute arbitrary code.

  • CVE-2016-5405CriJun 8, 2017
    risk 0.64cvss 9.8epss 0.03

    389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to obtain user passwords.

  • CVE-2016-9636CriJan 27, 2017
    risk 0.64cvss 9.8epss 0.09

    Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'write count' that goes beyond…

  • CVE-2016-9635CriJan 27, 2017
    risk 0.64cvss 9.8epss 0.09

    Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond…

  • CVE-2016-9634CriJan 27, 2017
    risk 0.64cvss 9.8epss 0.09

    Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.

  • CVE-2014-8241CriDec 14, 2016
    risk 0.64cvss 9.8epss 0.03

    XRegion in TigerVNC allows remote VNC servers to cause a denial of service (NULL pointer dereference) by leveraging failure to check a malloc return value, a similar issue to CVE-2014-6052.

  • CVE-2015-4601CriMay 16, 2016
    risk 0.64cvss 9.8epss 0.08

    PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3) ext/soap/soap.c, a…

  • CVE-2010-5325CriApr 15, 2016
    risk 0.64cvss 9.8epss 0.05

    Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title.

  • CVE-2016-2108CriMay 5, 2016
    risk 0.63cvss 9.8epss 0.78

    The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "negative zero" issue.

  • CVE-2015-7547HigFeb 18, 2016
    risk 0.63cvss 8.1epss 0.90

    Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS…

  • CVE-2015-8540HigApr 14, 2016
    risk 0.58cvss 8.8epss 0.06

    Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a…

  • CVE-2016-3069HigApr 13, 2016
    risk 0.58cvss 8.8epss 0.05

    Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.

  • CVE-2016-3068HigApr 13, 2016
    risk 0.58cvss 8.8epss 0.05

    Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.

  • CVE-2016-7545HigJan 19, 2017
    risk 0.57cvss 8.8epss 0.00

    SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.

  • CVE-2016-3718MedKEVMay 5, 2016
    risk 0.57cvss 5.5epss 0.77

    The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.

  • CVE-2016-3715MedKEVMay 5, 2016
    risk 0.57cvss 5.5epss 0.75

    The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.

Page 1 of 8