Redhat Enterprise_linux_hpc_node_eus
81 CVEs affecting Redhat Enterprise_linux_hpc_node_eus. Latest disclosed: 2017-07-25. Critical: 7, High: 22.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-0749 | Critical | 9.8 | 2016-06-09 | The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors… |
CVE-2015-4603 | Critical | 9.8 | 2016-05-16 | The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to… |
CVE-2015-4602 | Critical | 9.8 | 2016-05-16 | The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attacker… |
CVE-2015-4601 | Critical | 9.8 | 2016-05-16 | PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type… |
CVE-2015-4600 | Critical | 9.8 | 2016-05-16 | The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (applicati… |
CVE-2015-4599 | Critical | 9.8 | 2016-05-16 | The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensiti… |
CVE-2016-2108 | Critical | 9.8 | 2016-05-05 | The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffe… |
CVE-2016-3069 | High | 8.8 | 2016-04-13 | Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository. |
CVE-2016-3068 | High | 8.8 | 2016-04-13 | Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository. |
CVE-2016-5388 | High | 8.1 | 2016-07-19 | Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applica… |
CVE-2016-3698 | High | 8.1 | 2016-06-13 | libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attacker… |
CVE-2015-7547 | High | 8.1 | 2016-02-18 | Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2… |
CVE-2015-3315 | High | 7.8 | 2017-06-26 | Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink atta… |
CVE-2016-6325 | High | 7.8 | 2016-10-13 | The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat an… |
CVE-2016-4302 | High | 7.8 | 2016-09-21 | Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbit… |
CVE-2016-4300 | High | 7.8 | 2016-09-21 | Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitr… |
CVE-2016-0758 | High | 7.8 | 2016-06-27 | Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data. |
CVE-2015-5260 | High | 7.8 | 2016-06-07 | Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possi… |
CVE-2015-5300 | High | 7.5 | 2017-07-21 | The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, whi… |
CVE-2016-5418 | High | 7.5 | 2016-09-21 | The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to a… |