Product:

Enterprise_linux_server_aus

(Redhat)
Date Id Summary Products Score Patch Annotated
2018-01-18 CVE-2018-2678 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of... Ubuntu_linux, Debian_linux, Xp7_command_view, Xp_command_view, Xp_p9000_command_view, Jdk, Jre, Jrockit, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Satellite, Struxureware_data_center_expert 4.3
2009-03-06 CVE-2009-0834 The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343. Ubuntu_linux, Debian_linux, Linux_kernel, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_workstation, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2011-02-18 CVE-2011-1044 The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially filled, a different vulnerability than CVE-2010-4649. Linux_kernel, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_workstation N/A
2012-01-18 CVE-2012-0031 scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function. Http_server, Debian_linux, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_workstation, Jboss_enterprise_web_server, Storage, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2012-03-22 CVE-2011-3045 Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. Debian_linux, Fedora, Chrome, Libpng, Opensuse, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation, Gluster_storage, Storage, Storage_for_public_cloud N/A
2013-06-10 CVE-2013-1862 mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator. Http_server, Ubuntu_linux, Opensuse, Http_server, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_workstation, Jboss_enterprise_application_platform N/A
2014-04-15 CVE-2013-5704 The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such." Http_server, Mac_os_x, Mac_os_x_server, Ubuntu_linux, Enterprise_manager_ops_center, Http_server, Linux, Solaris, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Jboss_enterprise_web_server N/A
2014-07-03 CVE-2014-4656 Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to (1) index values in the snd_ctl_add function and (2) numid values in the snd_ctl_remove_numid_conflict function. Ubuntu_linux, Linux_kernel, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Linux_enterprise_server N/A
2014-08-01 CVE-2014-5045 The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly maintain a certain reference count during attempts to use the umount system call in conjunction with a symlink, which allows local users to cause a denial of service (memory consumption or use-after-free) or possibly have unspecified other impact via the umount program. Linux_kernel, Enterprise_linux_eus, Enterprise_linux_server_aus, Enterprise_linux_server_tus N/A
2014-10-10 CVE-2014-3581 The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header. Http_server, Ubuntu_linux, Enterprise_manager_ops_center, Linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus N/A