Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux Workstation
Total 1730 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-5229 1 Redhat 8 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 5 more 2025-04-12 5.0 MEDIUM 7.5 HIGH
The calloc function in the glibc package in Red Hat Enterprise Linux (RHEL) 6.7 and 7.2 does not properly initialize memory areas, which might allow context-dependent attackers to cause a denial of service (hang or crash) via unspecified vectors.
CVE-2016-1690 5 Debian, Google, Opensuse and 2 more 8 Debian Linux, Chrome, Leap and 5 more 2025-04-12 5.1 MEDIUM 7.5 HIGH
The Autofill implementation in Google Chrome before 51.0.2704.63 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1701.
CVE-2015-4913 4 Novell, Opensuse, Oracle and 1 more 16 Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Suse Linux Enterprise Software Development Kit and 13 more 2025-04-12 3.5 LOW N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.
CVE-2016-7163 4 Debian, Fedoraproject, Redhat and 1 more 9 Debian Linux, Fedora, Enterprise Linux Desktop and 6 more 2025-04-12 6.8 MEDIUM 7.8 HIGH
Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.
CVE-2016-1689 6 Canonical, Debian, Google and 3 more 9 Ubuntu Linux, Debian Linux, Chrome and 6 more 2025-04-12 4.3 MEDIUM 6.5 MEDIUM
Heap-based buffer overflow in content/renderer/media/canvas_capture_handler.cc in Google Chrome before 51.0.2704.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site.
CVE-2015-3196 7 Canonical, Debian, Fedoraproject and 4 more 13 Ubuntu Linux, Debian Linux, Fedora and 10 more 2025-04-12 4.3 MEDIUM N/A
ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (race condition and double free) via a crafted ServerKeyExchange message.
CVE-2016-2150 5 Debian, Microsoft, Opensuse and 2 more 12 Debian Linux, Windows, Leap and 9 more 2025-04-12 3.6 LOW 7.1 HIGH
SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261.
CVE-2014-9666 7 Canonical, Debian, Fedoraproject and 4 more 12 Ubuntu Linux, Debian Linux, Fedora and 9 more 2025-04-12 6.8 MEDIUM N/A
The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap.
CVE-2014-3615 5 Canonical, Debian, Opensuse and 2 more 13 Ubuntu Linux, Debian Linux, Opensuse and 10 more 2025-04-12 2.1 LOW N/A
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.
CVE-2015-0501 7 Canonical, Debian, Juniper and 4 more 14 Ubuntu Linux, Debian Linux, Junos Space and 11 more 2025-04-12 5.7 MEDIUM N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.
CVE-2014-1514 6 Canonical, Debian, Mozilla and 3 more 17 Ubuntu Linux, Debian Linux, Firefox and 14 more 2025-04-12 7.5 HIGH 9.8 CRITICAL
vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.
CVE-2016-1681 5 Debian, Google, Opensuse and 2 more 8 Debian Linux, Chrome, Leap and 5 more 2025-04-12 6.8 MEDIUM 8.8 HIGH
Heap-based buffer overflow in the opj_j2k_read_SPCod_SPCoc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document.
CVE-2014-0247 5 Canonical, Fedoraproject, Libreoffice and 2 more 7 Ubuntu Linux, Fedora, Libreoffice and 4 more 2025-04-12 10.0 HIGH N/A
LibreOffice 4.2.4 executes unspecified VBA macros automatically, which has unspecified impact and attack vectors, possibly related to doc/docmacromode.cxx.
CVE-2015-1779 6 Canonical, Debian, Fedoraproject and 3 more 12 Ubuntu Linux, Debian Linux, Fedora and 9 more 2025-04-12 7.8 HIGH 8.6 HIGH
The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.
CVE-2014-1512 6 Canonical, Debian, Mozilla and 3 more 17 Ubuntu Linux, Debian Linux, Firefox and 14 more 2025-04-12 10.0 HIGH N/A
Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects.
CVE-2015-0382 7 Canonical, Debian, Fedoraproject and 4 more 17 Ubuntu Linux, Debian Linux, Fedora and 14 more 2025-04-12 4.3 MEDIUM N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381.
CVE-2016-1704 5 Canonical, Google, Novell and 2 more 8 Ubuntu Linux, Chrome, Suse Package Hub For Suse Linux Enterprise and 5 more 2025-04-12 6.8 MEDIUM 8.8 HIGH
Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.103 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2014-4652 4 Canonical, Linux, Redhat and 1 more 6 Ubuntu Linux, Linux Kernel, Enterprise Linux Desktop and 3 more 2025-04-12 1.9 LOW N/A
Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access.
CVE-2015-8327 4 Canonical, Debian, Linuxfoundation and 1 more 9 Ubuntu Linux, Debian Linux, Cups-filters and 6 more 2025-04-12 7.5 HIGH N/A
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.
CVE-2014-4341 4 Debian, Fedoraproject, Mit and 1 more 10 Debian Linux, Fedora, Kerberos 5 and 7 more 2025-04-12 5.0 MEDIUM N/A
MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session.