Filtered by vendor Redhat Subscriptions
Filtered by product Enterprise Linux Eus Subscriptions
Total 769 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2008-3281 7 Apple, Canonical, Debian and 4 more 12 Iphone Os, Safari, Ubuntu Linux and 9 more 2024-11-21 6.5 Medium
libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.
CVE-2008-3272 4 Canonical, Debian, Linux and 1 more 9 Ubuntu Linux, Debian Linux, Linux Kernel and 6 more 2024-11-21 N/A
The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information.
CVE-2008-2364 4 Apache, Canonical, Fedoraproject and 1 more 9 Http Server, Ubuntu Linux, Fedora and 6 more 2024-11-21 N/A
The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses.
CVE-2008-1945 6 Canonical, Debian, Opensuse and 3 more 10 Ubuntu Linux, Debian Linux, Opensuse and 7 more 2024-11-21 N/A
QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004.
CVE-2007-6206 6 Canonical, Debian, Linux and 3 more 13 Ubuntu Linux, Debian Linux, Linux Kernel and 10 more 2024-11-21 N/A
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information.
CVE-2007-1349 3 Apache, Canonical, Redhat 12 Mod Perl, Ubuntu Linux, Certificate System and 9 more 2024-11-21 N/A
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
CVE-2006-5752 4 Apache, Canonical, Fedoraproject and 1 more 12 Http Server, Ubuntu Linux, Fedora and 9 more 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified.
CVE-2006-5158 3 Canonical, Linux, Redhat 7 Ubuntu Linux, Linux Kernel, Enterprise Linux and 4 more 2024-11-21 7.5 High
The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (process crash) and deny access to NFS exports via unspecified vectors that trigger a kernel oops (null dereference) and a deadlock.
CVE-2002-2443 6 Canonical, Debian, Fedoraproject and 3 more 11 Ubuntu Linux, Debian Linux, Fedora and 8 more 2024-11-21 N/A
schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as demonstrated by krb_pingpong.nasl, a related issue to CVE-1999-0103.