厂商或团体 redhat 的搜索结果 (1563)

CVE-2015-3149(发布:2017-07-25 14:29:00)NMCP
CVSS2.1

[CNNVD]Oracle OpenJDK 不安全临时文件处理漏洞--Oracle OpenJDK是美国甲骨文(Oracle)公司的一个Java平台的开源参考实现,它包含有Java SE、Java语言、JDK和JRE。 Oracle OpenJDK中存在不安全临时文件处理漏洞。攻击者可利用该漏洞实施符号链接攻击,覆盖受影响应用程序上下文中的任意文件...

CVE-2015-3198(发布:2017-07-21 10:29:00)NM
CVSS5.0

[原文]The Undertow module of WildFly 9.x before 9.0.0.CR2 and 10.x before 10.0.0.Alpha1 allows remote attackers to obtain the source code of a JSP page via a "/" at the end of a URL.

CVE-2015-5194(发布:2017-07-21 10:29:00)NMPS
CVSS5.0

[原文]The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

CVE-2015-5195(发布:2017-07-21 10:29:00)NMPS
CVSS5.0

[原文]ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation.

CVE-2015-5219(发布:2017-07-21 10:29:00)NMPS
CVSS5.0

[原文]The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

CVE-2015-5300(发布:2017-07-21 10:29:00)NMPS
CVSS5.0

[原文]The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).

12345678下一页尾页 第1页 / 共261页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站