Enterprise Linux For Arm 64@8.0 Security Vulnerabilities and Issues — Enterprise Linux For Arm 64@8.0 CVE List

Lucene search

RedhatEnterprise Linux For Arm 648.0

10 matches found

CVE•added 2021/09/16 3:15 p.m.•4436 views

CVE-2021-40438

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.

9CVSS9.5AI score0.94432EPSS

CVE•added 2019/11/01 11:15 p.m.•1251 views

CVE-2019-6470

There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releas...

7.5CVSS6.7AI score0.002EPSS

CVE•added 2023/12/10 6:15 p.m.•969 views

CVE-2023-5869

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing spe...

8.8CVSS9.2AI score0.01608EPSS

CVE•added 2023/12/10 6:15 p.m.•608 views

CVE-2023-5868

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potential...

4.3CVSS6.8AI score0.02718EPSS

CVE•added 2023/08/23 11:15 a.m.•513 views

CVE-2023-3899

A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.redhat.RHSM1.Config.S...

7.8CVSS7.7AI score0.00034EPSS

CVE•added 2023/12/10 6:15 p.m.•468 views

CVE-2023-5870

A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would a...

4.4CVSS6.4AI score0.00645EPSS

CVE•added 2023/12/27 4:15 p.m.•183 views

CVE-2023-4641

A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from t...

5.5CVSS5.8AI score0.00015EPSS

CVE•added 2023/11/01 4:15 p.m.•149 views

CVE-2023-3972

A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local use...

7.8CVSS7.6AI score0.00008EPSS

CVE•added 2024/02/12 2:15 p.m.•121 views

CVE-2023-6681

A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service (DoS) attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a denial of service att...

5.3CVSS5AI score0.00029EPSS

CVE•added 2025/04/03 2:15 p.m.•102 views

CVE-2025-3155

A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.

7.4CVSS7.5AI score0.0006EPSS