Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
RedhatEnterprise Linux

15 matches found

CVE
CVEadded 2023/08/23 11:15 a.m.513 views

CVE-2023-3899

A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.redhat.RHSM1.Config.S...

7.8CVSS7.7AI score0.00034EPSS
CVE
CVEadded 2023/08/01 5:15 p.m.506 views

CVE-2023-38559

A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.

5.5CVSS6.3AI score0.00013EPSS
CVE
CVEadded 2023/08/07 2:15 p.m.501 views

CVE-2023-4194

A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits - a09...

5.5CVSS6.7AI score0.00009EPSS
CVE
CVEadded 2023/08/11 3:15 a.m.473 views

CVE-2022-40982

Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

6.5CVSS6.9AI score0.00377EPSS
CVE
CVEadded 2023/08/03 3:15 p.m.347 views

CVE-2023-4133

A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of service condition.

5.5CVSS5.9AI score0.00009EPSS
CVE
CVEadded 2023/08/11 1:15 p.m.293 views

CVE-2023-39417

IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with dat...

8.8CVSS8.8AI score0.00509EPSS
CVE
CVEadded 2023/08/03 3:15 p.m.279 views

CVE-2023-4132

A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition.

5.5CVSS6.3AI score0.00011EPSS
CVE
CVEadded 2023/08/21 7:15 p.m.277 views

CVE-2023-4459

A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during cle...

5.5CVSS6.1AI score0.00009EPSS
CVE
CVEadded 2023/08/11 1:15 p.m.274 views

CVE-2023-39418

A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows.

4.3CVSS6AI score0.00439EPSS
CVE
CVEadded 2023/08/09 3:15 p.m.265 views

CVE-2023-4273

A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name...

6.7CVSS6.6AI score0.00043EPSS
CVE
CVEadded 2023/08/07 2:15 p.m.204 views

CVE-2023-4147

A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system.

7.8CVSS7.7AI score0.00161EPSS
CVE
CVEadded 2023/08/16 7:15 p.m.201 views

CVE-2023-4387

A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, which could also le...

7.1CVSS6.5AI score0.00015EPSS
CVE
CVEadded 2023/08/28 10:15 p.m.172 views

CVE-2023-4569

A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak.

5.5CVSS5.9AI score0.00008EPSS
CVE
CVEadded 2023/08/23 1:15 p.m.165 views

CVE-2023-4042

A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8.

5.5CVSS6.4AI score0.00483EPSS
CVE
CVEadded 2023/08/25 5:15 p.m.101 views

CVE-2023-38201

A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate ...

6.5CVSS6.4AI score0.00019EPSS