
114788 matches found

RedHat Linux • added 2 days ago • 3 views

mariadb: Arbitrary code execution via improper parameter validation during SST

A flaw was found in MariaDB server. During the State Snapshot Transfer (SST) process, a malicious joiner node could exploit improper parameter validation on the donor node. This vulnerability, specifically within the rsync SST method, allows the malicious joiner to execute arbitrary shell commands ...

CVSS 9.1 • AI score 6.1 • EPSS 0.00694
Exploits 0 • References 6

RedHat Linux • added 2 days ago • 3 views

mariadb: MariaDB server: SQL injection vulnerability via improper handling of big5 character set with mysql_real_escape_string()

A flaw was found in MariaDB server. An application processing non-validated user input, which then uses mysql_real_escape_string() and sends data to the database via text protocol with the big5 character set, is vulnerable to SQL injection. This allows a remote attacker to execute malicious SQL...

CVSS 9.8 • AI score 5.9 • EPSS 0.00319
Exploits 0 • References 6

RedHat Linux • added 2 days ago • 4 views

mariadb: mbstream: Unauthorized file creation via path traversal

A flaw was found in MariaDB's mbstream utility. This vulnerability allows a highly privileged local attacker, who can provide a specially crafted archive, to create files outside of the intended target directory. This is due to mbstream not properly validating paths containing directory traversal...

CVSS 7.8 • AI score 5.7 • EPSS 0.00135
Exploits 0 • References 6

RedHat Linux • added 2 days ago • 4 views

mariadb: MariaDB: Privilege bypass allows unauthorized file write via subqueries

A flaw was found in MariaDB server. This vulnerability allows a low-privileged authenticated user to bypass a security control that normally restricts file operations. Specifically, the system failed to verify the necessary 'FILE' privilege when certain 'SELECT' statements, which write data to...

CVSS 8.1 • AI score 5.8 • EPSS 0.00276
Exploits 0 • References 6

RedHat Linux • added 2 days ago • 3 views

mariadb: Arbitrary shell command execution via improper sanitization in CONNECT engine

A flaw was found in MariaDB server. When the CONNECT engine is installed and REST support is enabled on Windows, a user can exploit improper sanitization of the table HTTP attribute. This attribute is interpolated into the curl command line, allowing for arbitrary shell command execution on the...

CVSS 9.9 • AI score 6.1 • EPSS 0.00554
Exploits 0 • References 6

RedHat Linux • added 2 days ago • 4 views

mariadb: MariaDB server: Information disclosure of stored routine definitions due to insufficient privilege check

A flaw was found in MariaDB server. A user who has been granted EXECUTE access to a stored routine through a role can view the definition of that routine. This information disclosure occurs even if the user does not possess the SHOW CREATE ROUTINE privilege, potentially exposing sensitive routine...

CVSS 4.3 • AI score 5.7 • EPSS 0.00161
Exploits 0 • References 6

RedHat Linux • added 2 days ago • 4 views

mariadb: Arbitrary code execution via global system variable manipulation by a high-privileged user

A flaw was found in MariaDB server. A high-privileged MariaDB user could exploit this vulnerability by manipulating specific global system variables, namely wsrep_sst_receive_address or wsrep_sst_donor. This manipulation could allow the user to execute arbitrary shell commands as the user ID of the...

CVSS 9.1 • AI score 6.2 • EPSS 0.00666
Exploits 0 • References 6

RedHat Linux • added 2 days ago • 4 views

mariadb: Arbitrary Code Execution via improper parameter validation during State Snapshot Transfer

A flaw was found in MariaDB. During a State Snapshot Transfer (SST), the donor node improperly validates parameters sent by a joiner node. This vulnerability allows a malicious joiner to execute arbitrary shell commands on the donor server through the mariabackup SST method. This could lead to a...

CVSS 8 • AI score 6.1 • EPSS 0.00469
Exploits 0 • References 6

RedHat Linux • added 2 days ago • 6 views

mariadb: MariaDB Server: Arbitrary code execution via wsrep_notify_cmd

A flaw was found in MariaDB server. When the wsrep_notify_cmd feature is enabled, a remote attacker could exploit this vulnerability by embedding shell commands in the name of a joiner node. This could lead to arbitrary code execution on the server, allowing the attacker to take full control of the...

CVSS 10 • AI score 6.5 • EPSS 0.00998
Exploits 0 • References 6

RedHat Linux • added 2 days ago • 7 views

Important: Red Hat Security Advisory: mariadb:11.8 security, bug fix, and enhancement update

An update for the mariadb:11.8 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 10 • AI score 6.3 • EPSS 0.00998
Exploits 0 • References 4

RedHat Linux • added 2 days ago • 8 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.20.27 bug fix and security update

Red Hat OpenShift Container Platform release 4.20.27 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.20. Red Hat Product Security has rated this update as having a...

CVSS 8.7 • AI score 5.8 • EPSS 0.01041
Exploits 1 • References 3

RedHat Linux • added 2 days ago • 7 views

Important: Red Hat Security Advisory: ruby security update

An update for ruby is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 8.1 • AI score 6.3 • EPSS 0.01131
Exploits 0 • References 2

RedHat Linux • added 2 days ago • 6 views

erb: ERB: Arbitrary code execution via deserialization bypass

A flaw was found in ERB, a templating system for Ruby. An attacker who can trigger deserialization of untrusted data in a Ruby application can bypass existing protections. This vulnerability allows for arbitrary code execution by exploiting specific public methods that evaluate template source...

CVSS 8.1 • AI score 6.4 • EPSS 0.01131
Exploits 0 • References 5

RedHat Linux • added 2 days ago • 4 views

kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers

A flaw was found in the Linux kernel's networking skbuff component. When skb_try_coalesce attaches paged fragments, it can lose the SKBFL_SHARED_FRAG marker. This can lead to the Encapsulating Security Payload (ESP) input decrypting data in place over page-cache backed fragments, potentially resulting ...

CVSS 8.8 • AI score 6.4 • EPSS 0.0013
Exploits 7 • References 6

RedHat Linux • added 2 days ago • 7 views

kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...

CVSS 7.8 • AI score 7.4 • EPSS 0.03663
Exploits 11 • References 5

RedHat Linux • added 2 days ago • 4 views

kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

CVSS 7.8 • AI score 6.7 • EPSS 0.00353
Exploits 4 • References 7

RedHat Linux • added 2 days ago • 4 views

kernel: Read root-owned files as an unprivileged user

A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...

CVSS 7.8 • AI score 6.4 • EPSS 0.0138
Exploits 6 • References 7

RedHat Linux • added 2 days ago • 4 views

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

CVSS 8.8 • AI score 7.1 • EPSS 0.93235
Exploits 31 • References 6

RedHat Linux • added 2 days ago • 4 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

CVSS 9.8 • AI score 7 • EPSS 0.00563
Exploits 0 • References 5

RedHat Linux • added 2 days ago • 4 views

kernel: crypto: algif_aead - Revert to operating out-of-place

A flaw was found in the Linux kernel's algif_aead cryptographic algorithm interface. An incorrect in-place operation causes source and destination data mappings to differ during cryptographic processing. A low-privileged local attacker can exploit this flaw to corrupt the contents of sensitive...

CVSS 7.8 • AI score 7.3 • EPSS 0.96775
Exploits 228 • References 14

RedHat Linux • added 2 days ago • 6 views

Critical: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux for NVIDIA. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS 9.8 • AI score 6.9 • EPSS 0.96775
Exploits 280 • References 33

RedHat Linux • added 2 days ago • 4 views

mariadb: MariaDB Server: Arbitrary code execution via wsrep_notify_cmd

A flaw was found in MariaDB server. When the wsrep_notify_cmd feature is enabled, a remote attacker could exploit this vulnerability by embedding shell commands in the name of a joiner node. This could lead to arbitrary code execution on the server, allowing the attacker to take full control of the...

CVSS 10 • AI score 6.5 • EPSS 0.00998
Exploits 0 • References 6

RedHat Linux • added 2 days ago • 4 views

mariadb: Arbitrary shell command execution via improper sanitization in CONNECT engine

A flaw was found in MariaDB server. When the CONNECT engine is installed and REST support is enabled on Windows, a user can exploit improper sanitization of the table HTTP attribute. This attribute is interpolated into the curl command line, allowing for arbitrary shell command execution on the...

CVSS 9.9 • AI score 6.1 • EPSS 0.00554
Exploits 0 • References 6

RedHat Linux • added 2 days ago • 3 views

mariadb: MariaDB server: Information disclosure of stored routine definitions due to insufficient privilege check

A flaw was found in MariaDB server. A user who has been granted EXECUTE access to a stored routine through a role can view the definition of that routine. This information disclosure occurs even if the user does not possess the SHOW CREATE ROUTINE privilege, potentially exposing sensitive routine...

CVSS 4.3 • AI score 5.7 • EPSS 0.00161
Exploits 0 • References 6

RedHat Linux • added 2 days ago • 3 views

mariadb: Arbitrary Code Execution via improper parameter validation during State Snapshot Transfer

A flaw was found in MariaDB. During a State Snapshot Transfer (SST), the donor node improperly validates parameters sent by a joiner node. This vulnerability allows a malicious joiner to execute arbitrary shell commands on the donor server through the mariabackup SST method. This could lead to a...

CVSS 8 • AI score 6.1 • EPSS 0.00469
Exploits 0 • References 6

RedHat Linux • added 2 days ago • 4 views

mariadb: Arbitrary code execution via improper parameter validation during SST

A flaw was found in MariaDB server. During the State Snapshot Transfer (SST) process, a malicious joiner node could exploit improper parameter validation on the donor node. This vulnerability, specifically within the rsync SST method, allows the malicious joiner to execute arbitrary shell commands ...

CVSS 9.1 • AI score 6.1 • EPSS 0.00694
Exploits 0 • References 6

RedHat Linux • added 2 days ago • 2 views

mariadb: MariaDB server: SQL injection vulnerability via improper handling of big5 character set with mysql_real_escape_string()

A flaw was found in MariaDB server. An application processing non-validated user input, which then uses mysql_real_escape_string() and sends data to the database via text protocol with the big5 character set, is vulnerable to SQL injection. This allows a remote attacker to execute malicious SQL...

CVSS 9.8 • AI score 5.9 • EPSS 0.00319
Exploits 0 • References 6

RedHat Linux • added 2 days ago • 4 views

mariadb: mbstream: Unauthorized file creation via path traversal

A flaw was found in MariaDB's mbstream utility. This vulnerability allows a highly privileged local attacker, who can provide a specially crafted archive, to create files outside of the intended target directory. This is due to mbstream not properly validating paths containing directory traversal...

CVSS 7.8 • AI score 5.7 • EPSS 0.00135
Exploits 0 • References 6

RedHat Linux • added 2 days ago • 4 views

mariadb: MariaDB: Privilege bypass allows unauthorized file write via subqueries

A flaw was found in MariaDB server. This vulnerability allows a low-privileged authenticated user to bypass a security control that normally restricts file operations. Specifically, the system failed to verify the necessary 'FILE' privilege when certain 'SELECT' statements, which write data to...

CVSS 8.1 • AI score 5.8 • EPSS 0.00276
Exploits 0 • References 6

RedHat Linux • added 2 days ago • 3 views

mariadb: Arbitrary code execution via global system variable manipulation by a high-privileged user

A flaw was found in MariaDB server. A high-privileged MariaDB user could exploit this vulnerability by manipulating specific global system variables, namely wsrep_sst_receive_address or wsrep_sst_donor. This manipulation could allow the user to execute arbitrary shell commands as the user ID of the...

CVSS 9.1 • AI score 6.2 • EPSS 0.00666
Exploits 0 • References 6

RedHat Linux • added 2 days ago • 10 views

Important: Red Hat Security Advisory: mariadb:10.11 security, bug fix, and enhancement update

An update for the mariadb:10.11 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 10 • AI score 6.3 • EPSS 0.00998
Exploits 0 • References 4

RedHat Linux • added 2 days ago • 4 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.22.3 security and extras update

Red Hat OpenShift Container Platform release 4.22.3 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.22. Red Hat Product Security has rated this update as having a security impact of...

CVSS 7.5 • AI score 5.8 • EPSS 0.00457
Exploits 0 • References 2

RedHat Linux • added 2 days ago • 4 views

php: NULL pointer dereference in SOAP apache:Map decoder with missing <value>

A flaw was found in PHP. When a PHP SOAP server has a typemap configured, the apache:Map decoding process checks the incorrect variable in case of a missing value element. This incorrect check leads to a NULL pointer dereference and allows a remote unauthenticated attacker to crash the PHP SOAP...

CVSS 7.5 • AI score 5.8 • EPSS 0.0076
Exploits 0 • References 5

RedHat Linux • added 2 days ago • 4 views

PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation

A flaw was found in PHP, specifically within the PHP-FPM status page. Due to improper sanitation of user data, a remote attacker can craft a malicious URL. When a user views the PHP-FPM status page with this crafted URL, it can lead to the execution of arbitrary JavaScript code Cross-Site Scripti...

CVSS 8.8 • AI score 6.2 • EPSS 0.0021
Exploits 1 • References 5

RedHat Linux • added 2 days ago • 4 views

php: signed integer overflow in metaphone()

A flaw was found in PHP. The metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. When an input string is longer than 2,147,483,647 bytes, a signed integer overflow can occur, leading to undefined behavior and an...

CVSS 7.5 • AI score 5.8 • EPSS 0.00443
Exploits 0 • References 5

RedHat Linux • added 2 days ago • 4 views

PHP: PHP SoapServer: Memory corruption and information disclosure via incorrect persistence handling

A flaw was found in the PHP SoapServer component. When the server is configured to maintain session persistence, an error during a SOAP request can cause the system to incorrectly manage memory. This can lead to a "use-after-free" vulnerability, where the system attempts to use memory that has...

CVSS 9.8 • AI score 7.2 • EPSS 0.00302
Exploits 0 • References 5

RedHat Linux • added 2 days ago • 4 views

php: NULL pointer dereference in php_mb_check_encoding() via mb_ereg_search_init()

A flaw was found in PHP. When an attacker input can influence the encoding passed to mb_regex_encoding and the application subsequently uses mbregex search APIs, a NULL pointer dereference can occur due to a mismatch between the Oniguruma and mbfl encoding support. This issue can cause a crash in t...

CVSS 6.5 • AI score 6.5 • EPSS 0.00202
Exploits 0 • References 5

RedHat Linux • added 2 days ago • 4 views

PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions

A flaw was found in PHP. Some functions, including urldecode, incorrectly pass signed characters to character type (ctype) functions. On certain systems, this can lead to accessing memory with a negative offset. This vulnerability can be exploited by an attacker to trigger a denial of service (DoS),...

CVSS 7.5 • AI score 7 • EPSS 0.00337
Exploits 0 • References 5

RedHat Linux • added 2 days ago • 4 views

php: php-soap: php-src: PHP SOAP extension: Remote Code Execution via use-after-free vulnerability

A flaw was found in PHP's SOAP extension. This vulnerability allows a remote attacker to execute arbitrary code on the affected system. The issue stems from a use-after-free error in the object deduplication mechanism, which can be triggered by sending a specially crafted SOAP request. This allow...

CVSS 9.8 • AI score 7.8 • EPSS 0.00686
Exploits 0 • References 5

RedHat Linux • added 2 days ago • 5 views

Important: Red Hat Security Advisory: php security update

An update for php is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...

CVSS 9.8 • AI score 7.1 • EPSS 0.0076
Exploits 1 • References 9

RedHat Linux • added 2 days ago • 11 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.21.22 bug fix and security update

Red Hat OpenShift Container Platform release 4.21.22 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.21. Red Hat Product Security has rated this update as having a...

CVSS 9.8 • AI score 6 • EPSS 0.02501
Exploits 9 • References 3

RedHat Linux • added 2 days ago • 6 views

erb: ERB: Arbitrary code execution via deserialization bypass

A flaw was found in ERB, a templating system for Ruby. An attacker who can trigger deserialization of untrusted data in a Ruby application can bypass existing protections. This vulnerability allows for arbitrary code execution by exploiting specific public methods that evaluate template source...

CVSS 8.1 • AI score 6.4 • EPSS 0.01131
Exploits 0 • References 5

RedHat Linux • added 2 days ago • 11 views

ruby/net-imap: ruby: Net::IMAP: IMAP Command Injection via Symbol Arguments

A flaw was found in Net::IMAP, a Ruby library that provides Internet Message Access Protocol (IMAP) client functionality. This vulnerability allows a remote attacker to inject arbitrary IMAP commands. This is achieved by passing specially crafted symbol arguments to IMAP commands. Successful...

CVSS 7.1 • AI score 6 • EPSS 0.00685
Exploits 0 • References 8

RedHat Linux • added 2 days ago • 9 views

net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS

A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAP#starttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle (MITM) attacker can inject a predicted tagged OK response...

CVSS 7.6 • AI score 5.7 • EPSS 0.00312
Exploits 0 • References 12

RedHat Linux • added 2 days ago • 7 views

Important: Red Hat Security Advisory: ruby security update

An update for ruby is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...

CVSS 8.1 • AI score 6.3 • EPSS 0.01131
Exploits 0 • References 4

RedHat Linux • added 2 days ago • 4 views

giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension

A flaw was found in giflib. A remote attacker can exploit a buffer overflow vulnerability in the EGifGCBToExtension function by providing a specially crafted Graphics Control Extension (GCE) block. This allows overwriting an existing GCE block without proper size validation, leading to a denial of...

CVSS 8.2 • AI score 6.1 • EPSS 0.00488
Exploits 1 • References 5

RedHat Linux • added 2 days ago • 5 views

Important: Red Hat Security Advisory: giflib security update

An update for giflib is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syst...

CVSS 8.2 • AI score 6 • EPSS 0.00488
Exploits 1 • References 2

RedHat Linux • added 2 days ago • 4 views

giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension

A flaw was found in giflib. A remote attacker can exploit a buffer overflow vulnerability in the EGifGCBToExtension function by providing a specially crafted Graphics Control Extension (GCE) block. This allows overwriting an existing GCE block without proper size validation, leading to a denial of...

CVSS 8.2 • AI score 6.1 • EPSS 0.00488
Exploits 1 • References 5

RedHat Linux • added 2 days ago • 3 views

Important: Red Hat Security Advisory: giflib security update

An update for giflib is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 8.2 • AI score 6 • EPSS 0.00488
Exploits 1 • References 2

RedHat Linux • added 2 days ago • 4 views

vim: command injection when decompressing .tgz archives

A flaw was found in Vim. When decompressing .tgz archives, the Vimuntar function builds shell commands using shellescape without the special flag. This allows a specially crafted archive filename to trigger Vim cmdline-special expansion and execute arbitrary commands in the context of the current...

CVSS 7 • AI score 6 • EPSS 0.00552
Exploits 0 • References 7

Total number of security vulnerabilities: 114788