Lucene search

K
RedhatEnterprise Linux Aus8.4

7 matches found

CVE
CVE
added 2019/06/14 2:29 p.m.413 views

CVE-2019-10126

A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.

9.8CVSS9.8AI score0.00873EPSS
CVE
CVE
added 2024/02/09 7:16 a.m.343 views

CVE-2024-0229

An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or re...

7.8CVSS8.2AI score0.00406EPSS
CVE
CVE
added 2023/03/27 9:15 p.m.300 views

CVE-2023-0494

A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs pri...

7.8CVSS7.9AI score0.00588EPSS
CVE
CVE
added 2021/07/09 11:15 a.m.231 views

CVE-2021-3570

A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiality...

8.8CVSS8.5AI score0.01229EPSS
CVE
CVE
added 2019/04/18 6:29 p.m.167 views

CVE-2018-16878

A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS

6.2CVSS6.1AI score0.00031EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.167 views

CVE-2020-1045

A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.The security update addresses t...

7.5CVSS7.3AI score0.17328EPSS
CVE
CVE
added 2024/06/12 9:15 a.m.86 views

CVE-2024-3183

A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user p...

8.1CVSS7.8AI score0.18586EPSS