Skip to main content

Enterprise Linux Server From Rhui

3 CVEs product

Monthly

CVE-2015-3214 MEDIUM POC PATCH This Month

The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute. Rated medium severity (CVSS 6.9). Public exploit code available.

RCE Linux Buffer Overflow Qemu Linux Kernel +17
NVD GitHub Exploit-DB
CVSS 2.0
6.9
EPSS
1.6%
CVE-2015-5165 CRITICAL PATCH Act Now

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 13.2%.

Information Disclosure Xen Fedora Linux Enterprise Debuginfo Linux Enterprise Server +20
NVD
CVSS 2.0
9.3
EPSS
13.2%
CVE-2012-1717 LOW PATCH Monitor

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Java Oracle Information Disclosure Jre Jdk +15
NVD
CVSS 2.0
2.1
EPSS
0.1%
EPSS 2% CVSS 6.9
MEDIUM POC PATCH This Month

The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute. Rated medium severity (CVSS 6.9). Public exploit code available.

RCE Linux Buffer Overflow +19
NVD GitHub Exploit-DB
EPSS 13% CVSS 9.3
CRITICAL PATCH Act Now

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 13.2%.

Information Disclosure Xen Fedora +22
NVD
EPSS 0% CVSS 2.1
LOW PATCH Monitor

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Java Oracle Information Disclosure +17
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy