Enterprise Linux For Power Little Endian Eus@9.2 ppc64le Security Vulnerabilities and Issues — Enterprise Linux For Power Little Endian Eus@9.2 ppc64le CVE List

Lucene search

RedhatEnterprise Linux For Power Little Endian Eus9.2 ppc64le

23 matches found

CVE•added 2023/10/03 6:15 p.m.•1171 views

CVE-2023-4911

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code...

7.8CVSS8.2AI score0.74608EPSS

CVE•added 2023/12/10 6:15 p.m.•969 views

CVE-2023-5869

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing spe...

8.8CVSS9.2AI score0.01608EPSS

CVE•added 2023/09/18 5:15 p.m.•746 views

CVE-2023-4527

A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data,...

6.5CVSS7.2AI score0.00105EPSS

CVE•added 2023/12/10 6:15 p.m.•608 views

CVE-2023-5868

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potential...

4.3CVSS6.8AI score0.02718EPSS

CVE•added 2023/09/18 5:15 p.m.•573 views

CVE-2023-4806

A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the nss _gethostbyname2_r and nss _getcanonname_r hooks without implementing...

5.9CVSS6.8AI score0.01106EPSS

CVE•added 2023/09/12 10:15 p.m.•523 views

CVE-2023-4813

A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue ...

5.9CVSS6.9AI score0.00304EPSS

CVE•added 2023/12/10 6:15 p.m.•468 views

CVE-2023-5870

A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would a...

4.4CVSS6.4AI score0.00645EPSS

CVE•added 2023/09/27 3:19 p.m.•291 views

CVE-2023-5157

A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service.

7.5CVSS7.2AI score0.00204EPSS

CVE•added 2024/10/09 3:15 p.m.•247 views

CVE-2024-9675

A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a RUN instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can...

7.8CVSS4.8AI score0.0008EPSS

CVE•added 2024/02/07 9:15 p.m.•237 views

CVE-2023-6535

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.

7.5CVSS6.9AI score0.00035EPSS

CVE•added 2024/02/07 9:15 p.m.•227 views

CVE-2023-6536

7.5CVSS6.9AI score0.00029EPSS

CVE•added 2023/10/23 10:15 p.m.•221 views

CVE-2023-5633

The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user coul...

7.8CVSS6.8AI score0.00015EPSS

CVE•added 2024/02/07 9:15 p.m.•215 views

CVE-2023-6356

7.5CVSS7AI score0.00031EPSS

CVE•added 2024/04/16 8:15 p.m.•190 views

CVE-2022-24805

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. A user with read-only credentials can exploit the issue. Version 5.9.2 contains a...

8.8CVSS6.6AI score0.00406EPSS

CVE•added 2024/04/16 8:15 p.m.•172 views

CVE-2022-24806

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can exploit an Improper Input Validation vulnerability when SETing malformed OIDs in master agent and subagent simultaneously. Version 5.9.2 contains a patc...

6.5CVSS6.2AI score0.00113EPSS

CVE•added 2024/04/18 7:15 p.m.•169 views

CVE-2023-3758

A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

7.1CVSS5.9AI score0.00024EPSS

CVE•added 2024/04/16 8:15 p.m.•154 views

CVE-2022-24809

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a GET-NEXT to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong S...

6.5CVSS6.1AI score0.00114EPSS

CVE•added 2024/04/16 8:15 p.m.•143 views

CVE-2022-24807

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory access. A user with read-write credentials can exploit the issue. Version 5.9.2 ...

6.5CVSS6.2AI score0.00421EPSS

CVE•added 2024/04/16 8:15 p.m.•139 views

CVE-2022-24808

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should...

6.5CVSS6.1AI score0.00164EPSS

CVE•added 2025/04/03 2:15 p.m.•102 views

CVE-2025-3155

A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.

7.4CVSS7.5AI score0.0006EPSS

CVE•added 2023/08/25 5:15 p.m.•101 views

CVE-2023-38201

A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate ...

6.5CVSS6.4AI score0.00019EPSS

CVE•added 2025/04/03 3:15 a.m.•93 views

CVE-2025-2784

A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.

7CVSS7AI score0.0214EPSS

CVE•added 2024/06/06 6:15 a.m.•81 views

CVE-2024-3049

A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.

5.9CVSS5.4AI score0.00685EPSS