Filtered by vendor Redhat Subscriptions
Filtered by product Enterprise Linux Desktop Subscriptions
Total 1947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2014-9273 3 Debian, Opensuse, Redhat 7 Hivex, Opensuse, Enterprise Linux and 4 more 2024-11-21 N/A
lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write.
CVE-2014-8964 6 Fedoraproject, Mariadb, Opensuse and 3 more 12 Fedora, Mariadb, Opensuse and 9 more 2024-11-21 N/A
Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats.
CVE-2014-8867 4 Debian, Opensuse, Redhat and 1 more 5 Debian Linux, Opensuse, Enterprise Linux and 2 more 2024-11-21 N/A
The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, 3.2.x, and earlier lacks properly bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor, which allows local HVM guests to cause a denial of service (host crash) via unspecified vectors.
CVE-2014-8567 2 Redhat, Uninett 8 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Server and 5 more 2024-11-21 N/A
The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logout request that triggers a read of uninitialized data.
CVE-2014-8564 4 Canonical, Gnu, Opensuse and 1 more 8 Ubuntu Linux, Gnutls, Opensuse and 5 more 2024-11-21 N/A
The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR), related to generating key IDs.
CVE-2014-8241 2 Redhat, Tigervnc 6 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 3 more 2024-11-21 N/A
XRegion in TigerVNC allows remote VNC servers to cause a denial of service (NULL pointer dereference) by leveraging failure to check a malloc return value, a similar issue to CVE-2014-6052.
CVE-2014-8169 3 Automount Project, Opensuse, Redhat 7 Automount, Opensuse, Enterprise Linux and 4 more 2024-11-21 N/A
automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped program, which allows local users to gain privileges via a Trojan horse program in the user home directory.
CVE-2014-8160 6 Canonical, Debian, Linux and 3 more 17 Ubuntu Linux, Debian Linux, Linux Kernel and 14 more 2024-11-21 N/A
net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers.
CVE-2014-8141 2 Redhat, Unzip Project 7 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Server and 4 more 2024-11-21 7.8 High
Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
CVE-2014-8140 2 Redhat, Unzip Project 8 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Server and 5 more 2024-11-21 7.8 High
Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
CVE-2014-8139 2 Redhat, Unzip Project 8 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Server and 5 more 2024-11-21 7.8 High
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
CVE-2014-8136 4 Canonical, Mageia, Opensuse and 1 more 10 Ubuntu Linux, Mageia, Opensuse and 7 more 2024-11-21 N/A
The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors.
CVE-2014-8130 3 Apple, Libtiff, Redhat 10 Iphone Os, Mac Os X, Libtiff and 7 more 2024-11-21 N/A
The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither.
CVE-2014-8108 3 Apache, Apple, Redhat 7 Subversion, Xcode, Enterprise Linux and 4 more 2024-11-21 N/A
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist.
CVE-2014-7844 3 Bsd Mailx Project, Debian, Redhat 9 Bsd Mailx, Debian Linux, Enterprise Linux and 6 more 2024-11-21 7.8 High
BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address.
CVE-2014-7840 2 Qemu, Redhat 8 Qemu, Enterprise Linux, Enterprise Linux Desktop and 5 more 2024-11-21 N/A
The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data.
CVE-2014-7815 5 Canonical, Debian, Qemu and 2 more 12 Ubuntu Linux, Debian Linux, Qemu and 9 more 2024-11-21 N/A
The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.
CVE-2014-7300 2 Gnome, Redhat 6 Gnome-shell, Enterprise Linux, Enterprise Linux Desktop and 3 more 2024-11-21 N/A
GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer.
CVE-2014-7169 17 Apple, Arista, Canonical and 14 more 90 Mac Os X, Eos, Ubuntu Linux and 87 more 2024-11-21 9.8 Critical
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
CVE-2014-7145 3 Canonical, Linux, Redhat 7 Ubuntu Linux, Linux Kernel, Enterprise Linux and 4 more 2024-11-21 N/A
The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals.