Lucene search

K
RedhatEnterprise Linux Update Services For Sap Solutions

11 matches found

CVE
CVE
added 2024/02/09 7:16 a.m.358 views

CVE-2024-0229

An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or re...

7.8CVSS8.2AI score0.00291EPSS
CVE
CVE
added 2024/10/09 3:15 p.m.262 views

CVE-2024-9675

A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a RUN instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can...

7.8CVSS4.8AI score0.00085EPSS
CVE
CVE
added 2024/01/10 1:15 p.m.234 views

CVE-2023-5455

A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During comm...

6.5CVSS6.3AI score0.0028EPSS
CVE
CVE
added 2024/04/16 8:15 p.m.191 views

CVE-2022-24805

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. A user with read-only credentials can exploit the issue. Version 5.9.2 contains a...

8.8CVSS6.6AI score0.00406EPSS
CVE
CVE
added 2024/02/12 1:15 p.m.173 views

CVE-2024-1062

A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.

5.5CVSS5.3AI score0.00022EPSS
CVE
CVE
added 2024/04/16 8:15 p.m.172 views

CVE-2022-24806

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can exploit an Improper Input Validation vulnerability when SETing malformed OIDs in master agent and subagent simultaneously. Version 5.9.2 contains a patc...

6.5CVSS6.2AI score0.00113EPSS
CVE
CVE
added 2024/04/18 7:15 p.m.169 views

CVE-2023-3758

A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

7.1CVSS5.9AI score0.00024EPSS
CVE
CVE
added 2024/04/16 8:15 p.m.154 views

CVE-2022-24809

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a GET-NEXT to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong S...

6.5CVSS6.1AI score0.00114EPSS
CVE
CVE
added 2024/04/16 8:15 p.m.143 views

CVE-2022-24807

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory access. A user with read-write credentials can exploit the issue. Version 5.9.2 ...

6.5CVSS6.2AI score0.00421EPSS
CVE
CVE
added 2024/04/16 8:15 p.m.139 views

CVE-2022-24808

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should...

6.5CVSS6.1AI score0.00164EPSS
CVE
CVE
added 2024/06/12 9:15 a.m.93 views

CVE-2024-3183

A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user p...

8.1CVSS7.8AI score0.1679EPSS