Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
13592 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2008-1767 | 1 Redhat | 5 Desktop, Enterprise Linux, Enterprise Linux Desktop and 2 more | 2024-08-07 | N/A |
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps. | ||||
CVE-2008-1721 | 4 Canonical, Debian, Python and 1 more | 4 Ubuntu Linux, Debian Linux, Python and 1 more | 2024-08-07 | N/A |
Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow. | ||||
CVE-2008-1679 | 2 Python, Redhat | 2 Python, Enterprise Linux | 2024-08-07 | N/A |
Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete fix for CVE-2007-4965. | ||||
CVE-2008-1722 | 2 Cups, Redhat | 2 Cups, Enterprise Linux | 2024-08-07 | N/A |
Multiple integer overflows in (1) filter/image-png.c and (2) filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service (crash) and trigger memory corruption, as demonstrated via a crafted PNG image. | ||||
CVE-2008-1619 | 2 Redhat, Xensource Inc | 2 Enterprise Linux, Xen | 2024-08-07 | N/A |
The ssm_i emulation in Xen 5.1 on IA64 architectures allows attackers to cause a denial of service (dom0 panic) via certain traffic, as demonstrated using an FTP stress test tool. | ||||
CVE-2008-1612 | 2 Redhat, Squid | 2 Enterprise Linux, Squid | 2024-08-07 | N/A |
The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows attackers to cause a denial of service (process exit) via unknown vectors that cause an array to shrink to 0 entries, which triggers an assert error. NOTE: this issue is due to an incorrect fix for CVE-2007-6239. | ||||
CVE-2008-1562 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2024-08-07 | N/A |
The LDAP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet, a different vulnerability than CVE-2006-5740. | ||||
CVE-2008-1561 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2024-08-07 | N/A |
Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) 0.99.5 through 0.99.8 allow remote attackers to cause a denial of service (application crash) via a malformed packet to the (1) X.509sat or (2) Roofnet dissectors. NOTE: Vector 2 might also lead to a hang. | ||||
CVE-2008-1615 | 2 Amd, Redhat | 4 Amd64, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2024-08-07 | N/A |
Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls. | ||||
CVE-2008-1514 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-08-07 | N/A |
arch/s390/kernel/ptrace.c in Linux kernel 2.6.9, and other versions before 2.6.27-rc6, on s390 platforms allows local users to cause a denial of service (kernel panic) via the user-area-padding test from the ptrace testsuite in 31-bit mode, which triggers an invalid dereference. | ||||
CVE-2008-1563 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2024-08-07 | N/A |
The "decode as" feature in packet-bssap.c in the SCCP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||||
CVE-2008-1423 | 2 Redhat, Xiph.org | 3 Enterprise Linux, Linux Advanced Workstation, Libvorbis | 2024-08-07 | N/A |
Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a heap overflow. | ||||
CVE-2008-1483 | 2 Openbsd, Redhat | 2 Openssh, Enterprise Linux | 2024-08-07 | N/A |
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs. | ||||
CVE-2008-1447 | 6 Canonical, Cisco, Debian and 3 more | 8 Ubuntu Linux, Ios, Debian Linux and 5 more | 2024-08-07 | 6.8 Medium |
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug." | ||||
CVE-2008-1420 | 2 Redhat, Xiph.org | 3 Enterprise Linux, Linux Advanced Workstation, Libvorbis | 2024-08-07 | N/A |
Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow. | ||||
CVE-2008-1419 | 2 Redhat, Xiph.org | 3 Enterprise Linux, Linux Advanced Workstation, Libvorbis | 2024-08-07 | N/A |
Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow. | ||||
CVE-2008-1372 | 2 Bzip, Redhat | 2 Bzip2, Enterprise Linux | 2024-08-07 | N/A |
bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats. | ||||
CVE-2008-1380 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2024-08-07 | N/A |
The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird before 2.0.0.14, and SeaMonkey before 1.1.10 allows remote attackers to cause a denial of service (garbage collector crash) and possibly have other impacts via a crafted web page. NOTE: this is due to an incorrect fix for CVE-2008-1237. | ||||
CVE-2008-1382 | 2 Libpng, Redhat | 2 Libpng, Enterprise Linux | 2024-08-07 | N/A |
libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which trigger an access of uninitialized memory. | ||||
CVE-2008-1374 | 2 Apple, Redhat | 2 Cups, Enterprise Linux | 2024-08-07 | N/A |
Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-bit platforms, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: this issue is due to an incomplete fix for CVE-2004-0888. |