VYPR

Enterprise Linux Server

by Red Hat

CVEs (1,624)

  • CVE-2007-1285HigMar 6, 2007
    risk 0.53cvss 7.5epss 0.18

    The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.

  • CVE-2026-4480CriMay 26, 2026
    risk 0.52cvss 9.0epss 0.13

    A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this…

  • CVE-2016-8610HigNov 13, 2017
    risk 0.52cvss 7.5epss 0.40

    A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive…

  • CVE-2016-9131HigJan 12, 2017
    risk 0.52cvss 7.5epss 0.41

    named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query.

  • CVE-2016-2105HigMay 5, 2016
    risk 0.52cvss 7.5epss 0.40

    Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.

  • CVE-2026-50264HigJun 5, 2026
    risk 0.51cvss 7.8epss 0.00

    An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the…

  • CVE-2026-50261HigJun 5, 2026
    risk 0.51cvss 7.8epss 0.00

    A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to…

  • CVE-2026-50260HigJun 5, 2026
    risk 0.51cvss 7.8epss 0.00

    A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the…

  • CVE-2026-50258HigJun 5, 2026
    risk 0.51cvss 7.8epss 0.00

    A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel * XkbNumKbdGroups but CheckKeyTypes() does not verify or clamp non-canonical key types to XkbMaxShiftLevel. A client can change key…

  • CVE-2026-50257HigJun 5, 2026
    risk 0.51cvss 7.8epss 0.00

    A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence(). A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a…

  • CVE-2026-50256HigJun 5, 2026
    risk 0.51cvss 7.8epss 0.00

    A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but…

  • CVE-2026-48864HigMay 26, 2026
    risk 0.51cvss 7.8epss 0.00

    A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within `.solv` files due to insufficient input validation. An attacker can provide a specially crafted `.solv` file, which, when processed by a…

  • CVE-2026-6846HigApr 22, 2026
    risk 0.51cvss 7.8epss 0.00

    A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF (Extended Common Object File Format) object file during linking. A local attacker could trick a user into processing this malicious file, which could lead to…

  • CVE-2026-4775HigMar 24, 2026
    risk 0.51cvss 7.8epss 0.01

    A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer…

  • CVE-2025-26601HigFeb 25, 2025
    risk 0.51cvss 7.8epss 0.00

    A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger() is called. If one of the changes triggers an error, the…

  • CVE-2025-26600HigFeb 25, 2025
    risk 0.51cvss 7.8epss 0.00

    A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying the events will cause a use-after-free.

  • CVE-2025-26599HigFeb 25, 2025
    risk 0.51cvss 7.8epss 0.00

    An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect() may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow() will return a BadAlloc error without validating the window tree marked just before,…

  • CVE-2025-26598HigFeb 25, 2025
    risk 0.51cvss 7.8epss 0.00

    An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice() searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, if no match was found. However, the code will return the last element of the…

  • CVE-2025-26597HigFeb 25, 2025
    risk 0.51cvss 7.8epss 0.00

    A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a…

  • CVE-2025-26596HigFeb 25, 2025
    risk 0.51cvss 7.8epss 0.00

    A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a heap-based buffer overflow.

Page 16 of 82