Enterprise_linux_eus - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Enterprise_linux_eus
(Redhat)

Repositories

• https://github.com/torvalds/linux
• https://github.com/krb5/krb5
• https://github.com/madler/zlib
• https://github.com/dajobe/raptor
• https://github.com/qos-ch/slf4j

• https://github.com/uclouvain/openjpeg
• https://github.com/Perl/perl5
• https://github.com/apache/httpd
• https://github.com/openssh/openssh-portable
• https://github.com/openbsd/src
• https://github.com/mysql/mysql-server
• https://github.com/ImageMagick/ImageMagick
• https://github.com/mdadams/jasper

#Vulnerabilities

752

Date	Id	Summary	Products	Score	Patch	Annotated
2014-07-03	CVE-2014-4656	Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to (1) index values in the snd_ctl_add function and (2) numid values in the snd_ctl_remove_numid_conflict function.	Ubuntu_linux, Linux_kernel, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Linux_enterprise_server	N/A
2014-08-01	CVE-2014-5045	The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly maintain a certain reference count during attempts to use the umount system call in conjunction with a symlink, which allows local users to cause a denial of service (memory consumption or use-after-free) or possibly have unspecified other impact via the umount program.	Linux_kernel, Enterprise_linux_eus, Enterprise_linux_server_aus, Enterprise_linux_server_tus	N/A
2014-10-10	CVE-2014-3581	The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header.	Http_server, Ubuntu_linux, Enterprise_manager_ops_center, Linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus	N/A
2014-11-01	CVE-2014-3615	The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.	Ubuntu_linux, Debian_linux, Opensuse, Qemu, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Openstack, Virtualization	N/A
2014-12-17	CVE-2014-9322	arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.	Ubuntu_linux, Android, Linux_kernel, Evergreen, Enterprise_linux_eus, Suse_linux_enterprise_server	7.8
2015-01-09	CVE-2014-9585	The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD.	Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Evergreen, Opensuse, Enterprise_linux_aus, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Linux_enterprise_desktop, Linux_enterprise_real_time_extension, Linux_enterprise_server, Linux_enterprise_software_development_kit, Linux_enterprise_workstation_extension	N/A
2015-02-06	CVE-2015-1209	Use-after-free vulnerability in the VisibleSelection::nonBoundaryShadowTreeRootNode function in core/editing/VisibleSelection.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers improper handling of a shadow-root anchor.	Ubuntu_linux, Chrome, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_workstation	N/A
2015-02-06	CVE-2015-1210	The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly consider frame access restrictions during the throwing of an exception, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.	Ubuntu_linux, Chrome, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_workstation	N/A
2015-02-06	CVE-2015-1211	The OriginCanAccessServiceWorkers function in content/browser/service_worker/service_worker_dispatcher_host.cc in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android does not properly restrict the URI scheme during a ServiceWorker registration, which allows remote attackers to gain privileges via a filesystem: URI.	Ubuntu_linux, Chrome, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_workstation	N/A
2015-02-06	CVE-2015-1212	Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android allow attackers to cause a denial of service or possibly have other impact via unknown vectors.	Ubuntu_linux, Chrome, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_workstation	N/A