Red Hat Enterprise Linux Server AUS vulnerabilities
1,059 known vulnerabilities affecting redhat/enterprise_linux_server_aus.
Total CVEs: 1,059
CISA KEV: 37 (actively exploited)
Public exploits: 87
Exploited in wild: 41
Severity breakdown: CRITICAL 215, HIGH 359, MEDIUM 415, LOW 70
Vulnerabilities
CVE-2021-3733 [MEDIUM] | CVSS 6.5 | CWE-400 | v8.4 | 2022-03-10
There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat t
nvd
CVE-2017-10384 [MEDIUM] | CVSS 6.5 | v7.6, v7.7 | 2017-10-19
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerabi
nvd
CVE-2018-20662 [MEDIUM] | CVSS 6.5 | CWE-20 | v8.2, v8.4 +1 more | 2019-01-03
In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing.
nvd
CVE-2017-2633 [MEDIUM] | CVSS 6.5 | CWE-120 | v7.4 | 2018-07-27
An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the 'vnc_refresh_server_surface'. A user inside a guest could use this flaw to crash the QEMU process.
nvd
CVE-2015-8896 [MEDIUM] | CVSS 6.5 | v7.2, v7.3 +3 more | 2017-03-15
Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file.
nvd
CVE-2014-1523 [MEDIUM] | CVSS 6.5 | CWE-787 | v6.5 | 2014-04-30
Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image.
nvd
CVE-2013-1552 [MEDIUM] | CVSS 6.5 | v6.4 | 2013-04-17
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
nvd
CVE-2013-1531 [MEDIUM] | CVSS 6.5 | v6.4 | 2013-04-17
Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Privileges.
nvd
CVE-2013-2378 [MEDIUM] | CVSS 6.5 | v6.4 | 2013-04-17
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
nvd
CVE-2013-1521 [MEDIUM] | CVSS 6.5 | v6.4 | 2013-04-17
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Locking.
nvd
CVE-2013-2375 [MEDIUM] | CVSS 6.5 | v6.4 | 2013-04-17
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
nvd
CVE-2019-2695 [MEDIUM] | CVSS 6.5 | v8.2, v8.4 +1 more | 2019-04-23
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized abil
nvd
CVE-2019-2693 [MEDIUM] | CVSS 6.5 | v8.2, v8.4 +1 more | 2019-04-23
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized abil
nvd
CVE-2015-3147 [MEDIUM] | CVSS 6.5 | CWE-59 | v7.3, v7.4 +2 more | 2020-01-14
daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports from /var/spool/abrt-upload, allows local users to write to arbitrary files or possibly have other unspecified impact via a symlink attack on (1) /var/spool/abrt or (2) /var/tmp/abrt.
nvd
CVE-2020-14301 [MEDIUM] | CVSS 6.5 | CWE-212 | v8.4 | 2021-05-27
An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain. This flaw allows an attacker to access potentially sensitive information in the domain configuration via the `dumpxml` command.
nvd
CVE-2019-2805 [MEDIUM] | CVSS 6.5 | v8.2, v8.4 +1 more | 2019-07-23
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerabi
nvd
CVE-2019-3460 [MEDIUM] | CVSS 6.5 | CWE-20 | v8.2, v8.4 | 2019-04-11
A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.
nvd
CVE-2019-3459 [MEDIUM] | CVSS 6.5 | CWE-125 | v8.2, v8.4 | 2019-04-11
A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.
nvd
CVE-2025-2784 [MEDIUM] | CVSS 6.5 | CWE-125 | v8.2, v8.4 +4 more | 2025-04-03
A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.
nvd
CVE-2017-3453 [MEDIUM] | CVSS 6.5 | v7.6, v7.7 | 2017-04-24
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi
nvd