Filtered by vendor Redhat Subscriptions
Filtered by product Enterprise Linux Subscriptions
Total 15659 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2009-0397 2 Gstreamer, Redhat 3 Good Plug-ins, Plug-ins, Enterprise Linux 2026-04-23 N/A
Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov file.
CVE-2008-1949 2 Gnu, Redhat 2 Gnutls, Enterprise Linux 2026-04-23 N/A
The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 continues to process Client Hello messages within a TLS message after one has already been processed, which allows remote attackers to cause a denial of service (NULL dereference and crash) via a TLS message containing multiple Client Hello messages, aka GNUTLS-SA-2008-1-2.
CVE-2009-0025 2 Isc, Redhat 2 Bind, Enterprise Linux 2026-04-23 N/A
BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
CVE-2007-6694 3 Apple, Linux, Redhat 3 Powerpc, Linux Kernel, Enterprise Linux 2026-04-23 N/A
The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service (crash) via unknown vectors that cause the of_get_property function to fail, which triggers a NULL pointer dereference.
CVE-2008-3137 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2026-04-23 N/A
The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors.
CVE-2007-2691 4 Canonical, Debian, Mysql and 1 more 5 Ubuntu Linux, Debian Linux, Mysql and 2 more 2026-04-23 N/A
MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.
CVE-2007-4224 2 Kde, Redhat 2 Konqueror, Enterprise Linux 2026-04-23 N/A
KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property.
CVE-2008-1679 2 Python, Redhat 2 Python, Enterprise Linux 2026-04-23 N/A
Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete fix for CVE-2007-4965.
CVE-2007-0909 3 Php, Redhat, Trustix 5 Php, Enterprise Linux, Rhel Application Stack and 2 more 2026-04-23 N/A
Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to (1) all of the *print functions on 64-bit systems, and (2) the odbc_result_all function.
CVE-2008-2237 2 Openoffice, Redhat 2 Openoffice.org, Enterprise Linux 2026-04-23 N/A
Heap-based buffer overflow in OpenOffice.org (OOo) 2.x before 2.4.2 allows remote attackers to execute arbitrary code via a crafted WMF file associated with a StarOffice/StarSuite document.
CVE-2007-4569 2 Kde, Redhat 2 Kde, Enterprise Linux 2026-04-23 N/A
backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is configured and "shutdown with password" is enabled, allows remote attackers to bypass the password requirement and login to arbitrary accounts via unspecified vectors.
CVE-2006-7225 2 Perl, Redhat 2 Pcre, Enterprise Linux 2026-04-23 N/A
Perl-Compatible Regular Expression (PCRE) library before 6.7 allows context-dependent attackers to cause a denial of service (error or crash) via a regular expression that involves a "malformed POSIX character class", as demonstrated via an invalid character after a [[ sequence.
CVE-2007-5500 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
The wait_task_stopped function in the Linux kernel before 2.6.23.8 checks a TASK_TRACED bit instead of an exit_state value, which allows local users to cause a denial of service (machine crash) via unspecified vectors. NOTE: some of these details are obtained from third party information.
CVE-2008-2944 3 Fedoraproject, Linux, Redhat 3 Fedora Core, Linux Kernel, Enterprise Linux 2026-04-23 N/A
Double free vulnerability in the utrace support in the Linux kernel, probably 2.6.18, in Red Hat Enterprise Linux (RHEL) 5 and Fedora Core 6 (FC6) allows local users to cause a denial of service (oops), as demonstrated by a crash when running the GNU GDB testsuite, a different vulnerability than CVE-2008-2365.
CVE-2008-1943 2 Redhat, Xensource 4 Desktop, Enterprise Linux, Virtualization Server and 1 more 2026-04-23 N/A
Buffer overflow in the backend of XenSource Xen Para Virtualized Frame Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted description of a shared framebuffer.
CVE-2007-4129 2 Fedoraproject, Redhat 2 Coolkey, Enterprise Linux 2026-04-23 N/A
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory.
CVE-2008-1722 2 Cups, Redhat 2 Cups, Enterprise Linux 2026-04-23 N/A
Multiple integer overflows in (1) filter/image-png.c and (2) filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service (crash) and trigger memory corruption, as demonstrated via a crafted PNG image.
CVE-2009-3986 2 Mozilla, Redhat 3 Firefox, Seamonkey, Enterprise Linux 2026-04-23 N/A
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to execute arbitrary JavaScript with chrome privileges by leveraging a reference to a chrome window from a content window, related to the window.opener property.
CVE-2007-4351 2 Cups, Redhat 2 Cups, Enterprise Linux 2026-04-23 N/A
Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-based buffer overflow.
CVE-2009-1386 3 Canonical, Openssl, Redhat 4 Ubuntu Linux, Openssl, Enterprise Linux and 1 more 2026-04-23 N/A
ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.