Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux
Total 2166 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-2717 2 Linux, Redhat 2 Dhcp6c, Enterprise Linux 2026-06-16 10.0 HIGH 9.8 CRITICAL
The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message.
CVE-2011-2699 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2026-06-16 7.8 HIGH 7.5 HIGH
The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets.
CVE-2011-2693 1 Redhat 1 Enterprise Linux 2026-06-16 1.9 LOW N/A
The perf subsystem in the kernel package 2.6.32-122.el6.x86_64 in Red Hat Enterprise Linux (RHEL) 6 does not properly handle NMIs, which might allow local users to cause a denial of service (excessive log messages) via unspecified vectors.
CVE-2011-2525 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-06-16 7.2 HIGH 7.8 HIGH
The qdisc_notify function in net/sched/sch_api.c in the Linux kernel before 2.6.35 does not prevent tc_fill_qdisc function calls referencing builtin (aka CQ_F_BUILTIN) Qdisc structures, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted call.
CVE-2011-2517 2 Linux, Redhat 5 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 2 more 2026-06-16 7.2 HIGH N/A
Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel before 2.6.39.2 allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability during scan operations with a long SSID value.
CVE-2011-2207 3 Debian, Gnupg, Redhat 3 Debian Linux, Gnupg, Enterprise Linux 2026-06-16 5.0 MEDIUM 5.3 MEDIUM
dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to cause a denial of service (DOS) via a specially-crafted certificate.
CVE-2011-2189 4 Canonical, Debian, Linux and 1 more 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more 2026-06-16 7.8 HIGH 7.5 HIGH
net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd.
CVE-2011-2022 2 Linux, Redhat 7 Linux Kernel, Enterprise Linux, Enterprise Linux Aus and 4 more 2026-06-16 6.9 MEDIUM N/A
The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745.
CVE-2011-1773 2 Matthew Booth, Redhat 2 Virt-v2v, Enterprise Linux 2026-06-16 4.4 MEDIUM N/A
virt-v2v before 0.8.4 does not preserve the VNC console password when converting a guest, which allows local users to bypass the intended VNC authentication by connecting without a password.
CVE-2011-1746 2 Linux, Redhat 7 Linux Kernel, Enterprise Linux, Enterprise Linux Aus and 4 more 2026-06-16 6.9 MEDIUM N/A
Multiple integer overflows in the (1) agp_allocate_memory and (2) agp_create_user_memory functions in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allow local users to trigger buffer overflows, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via vectors related to calls that specify a large number of memory pages.
CVE-2011-1745 2 Linux, Redhat 7 Linux Kernel, Enterprise Linux, Enterprise Linux Aus and 4 more 2026-06-16 6.9 MEDIUM N/A
Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl call.
CVE-2011-1593 3 Canonical, Linux, Redhat 8 Ubuntu Linux, Linux Kernel, Enterprise Linux and 5 more 2026-06-16 4.9 MEDIUM N/A
Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel before 2.6.38.4 allow local users to cause a denial of service (system crash) via a crafted (1) getdents or (2) readdir system call.
CVE-2011-1576 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Virtualization Hypervisor 2026-06-16 5.7 MEDIUM N/A
The Generic Receive Offload (GRO) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5 and 2.6.32 on Red Hat Enterprise Linux 6, as used in Red Hat Enterprise Virtualization (RHEV) Hypervisor and other products, allows remote attackers to cause a denial of service via crafted VLAN packets that are processed by the napi_reuse_skb function, leading to (1) a memory leak or (2) memory corruption, a different vulnerability than CVE-2011-1478.
CVE-2011-1182 2 Linux, Redhat 7 Linux Kernel, Enterprise Linux, Enterprise Linux Aus and 4 more 2026-06-16 3.6 LOW N/A
kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a signal sender via a sigqueueinfo system call.
CVE-2011-1145 4 Debian, Opensuse, Redhat and 1 more 4 Debian Linux, Opensuse, Enterprise Linux and 1 more 2026-06-16 4.6 MEDIUM 7.8 HIGH
The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.
CVE-2011-1011 1 Redhat 3 Enterprise Linux, Fedora, Policycoreutils 2026-06-16 6.9 MEDIUM N/A
The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application.
CVE-2011-1002 5 Avahi, Canonical, Debian and 2 more 5 Avahi, Ubuntu Linux, Debian Linux and 2 more 2026-06-16 5.0 MEDIUM N/A
avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244.
CVE-2011-0714 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-06-16 5.7 MEDIUM N/A
Use-after-free vulnerability in a certain Red Hat patch for the RPC server sockets functionality in the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 might allow remote attackers to cause a denial of service (crash) via malformed data in a packet, related to lockd and the svc_xprt_received function.
CVE-2011-0536 2 Gnu, Redhat 2 Glibc, Enterprise Linux 2026-06-16 6.9 MEDIUM N/A
Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847.
CVE-2010-5325 3 Linuxfoundation, Oracle, Redhat 8 Foomatic-filters, Linux, Enterprise Linux and 5 more 2026-06-16 7.5 HIGH 9.8 CRITICAL
Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title.