VYPR

Enterprise Linux Server

by Red Hat

CVEs (1,623)

  • CVE-2015-1774Apr 28, 2015
    risk 0.01cvss epss 0.08

    The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.

  • CVE-2015-2568Apr 16, 2015
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.

  • CVE-2015-0501Apr 16, 2015
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.

  • CVE-2015-2775Apr 13, 2015
    risk 0.01cvss epss 0.08

    Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.

  • CVE-2015-0251Apr 8, 2015
    risk 0.01cvss epss 0.08

    The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences.

  • CVE-2015-0248Apr 8, 2015
    risk 0.01cvss epss 0.13

    The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers.

  • CVE-2015-2787Mar 30, 2015
    risk 0.01cvss epss 0.12

    Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset…

  • CVE-2015-2348Mar 30, 2015
    risk 0.01cvss epss 0.09

    The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character, which allows remote attackers to bypass intended extension restrictions and create…

  • CVE-2015-2301Mar 30, 2015
    risk 0.01cvss epss 0.15

    Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar…

  • CVE-2014-8158Jan 26, 2015
    risk 0.01cvss epss 0.14

    Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image.

  • CVE-2014-8157Jan 26, 2015
    risk 0.01cvss epss 0.17

    Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow.

  • CVE-2015-0411Jan 21, 2015
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Server : Security : Encryption.

  • CVE-2015-0408Jan 21, 2015
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.

  • CVE-2015-0391Jan 21, 2015
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.

  • CVE-2015-0382Jan 21, 2015
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381.

  • CVE-2014-6601Jan 21, 2015
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

  • CVE-2014-6568Jan 21, 2015
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.

  • CVE-2014-8138Dec 24, 2014
    risk 0.01cvss epss 0.18

    Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 file.

  • CVE-2014-8137Dec 24, 2014
    risk 0.01cvss epss 0.15

    Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file.

  • CVE-2004-2771Dec 24, 2014
    risk 0.01cvss epss 0.07

    The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.

Page 48 of 82