Lucene search

K
RedhatEnterprise Linux

325 matches found

CVE
CVE
added 2019/01/31 6:29 p.m.13294 views

CVE-2019-6111

An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented)...

5.9CVSS6.3AI score0.57154EPSS
CVE
CVE
added 2019/01/10 9:29 p.m.5438 views

CVE-2018-20685

In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

5.3CVSS6.3AI score0.03744EPSS
CVE
CVE
added 2023/12/18 4:15 p.m.3808 views

CVE-2023-48795

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connecti...

5.9CVSS6.7AI score0.67991EPSS
CVE
CVE
added 2018/03/26 3:29 p.m.3481 views

CVE-2018-1283

In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header. This comes from the "HTTP_SESSION" variable name used by mod_session to forward it...

5.3CVSS7AI score0.02852EPSS
CVE
CVE
added 2011/02/22 7:0 p.m.1811 views

CVE-2011-1002

avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244.

5CVSS7.8AI score0.75281EPSS
CVE
CVE
added 2021/05/20 1:15 p.m.1722 views

CVE-2021-3426

There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to acces...

5.7CVSS5.6AI score0.00101EPSS
CVE
CVE
added 2018/09/25 9:29 p.m.1475 views

CVE-2018-11763

In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol.

5.9CVSS5.6AI score0.18884EPSS
CVE
CVE
added 2018/03/26 3:29 p.m.1101 views

CVE-2018-1301

A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both log and build level)...

5.9CVSS7.5AI score0.07833EPSS
CVE
CVE
added 2019/04/23 7:32 p.m.733 views

CVE-2019-2684

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

5.9CVSS5.7AI score0.01345EPSS
CVE
CVE
added 2022/08/24 4:15 p.m.699 views

CVE-2021-4189

A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connec...

5.3CVSS6.2AI score0.00442EPSS
CVE
CVE
added 2023/06/09 7:15 p.m.695 views

CVE-2023-2455

Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security de...

5.4CVSS6.3AI score0.00212EPSS
CVE
CVE
added 2019/02/04 8:29 a.m.688 views

CVE-2019-7317

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.

5.3CVSS6.3AI score0.00576EPSS
CVE
CVE
added 2022/02/18 6:15 p.m.616 views

CVE-2016-2124

A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.

5.9CVSS7.2AI score0.00681EPSS
CVE
CVE
added 2020/05/22 3:15 p.m.616 views

CVE-2020-10711

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processin...

5.9CVSS6.5AI score0.00671EPSS
CVE
CVE
added 2019/06/19 12:15 a.m.615 views

CVE-2019-11038

When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized var...

5.3CVSS5.5AI score0.08292EPSS
CVE
CVE
added 2023/09/18 5:15 p.m.573 views

CVE-2023-4806

A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the nss _gethostbyname2_r and nss _getcanonname_r hooks without implementing...

5.9CVSS6.8AI score0.01106EPSS
CVE
CVE
added 2020/08/31 6:15 p.m.571 views

CVE-2020-14364

An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to...

5CVSS6.6AI score0.11636EPSS
CVE
CVE
added 2019/04/09 4:29 p.m.539 views

CVE-2019-3880

A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions befor...

5.5CVSS5.6AI score0.03009EPSS
CVE
CVE
added 2021/05/14 8:15 p.m.529 views

CVE-2021-3537

A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest th...

5.9CVSS7AI score0.00127EPSS
CVE
CVE
added 2023/09/12 10:15 p.m.523 views

CVE-2023-4813

A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue ...

5.9CVSS6.9AI score0.00304EPSS
CVE
CVE
added 2023/06/30 10:15 p.m.513 views

CVE-2023-1206

A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connectio...

5.7CVSS6.3AI score0.00021EPSS
CVE
CVE
added 2023/10/10 1:15 p.m.508 views

CVE-2023-43788

A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer() function. This flaw allows a local attacker to trigger an out-of-bounds read error and read the contents of memory on the system.

5.5CVSS5.7AI score0.00023EPSS
CVE
CVE
added 2023/10/05 7:15 p.m.507 views

CVE-2023-42754

A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privil...

5.5CVSS6.8AI score0.00009EPSS
CVE
CVE
added 2023/08/01 5:15 p.m.505 views

CVE-2023-38559

A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.

5.5CVSS6.3AI score0.00013EPSS
CVE
CVE
added 2023/08/07 2:15 p.m.500 views

CVE-2023-4194

A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits - a09...

5.5CVSS6.7AI score0.00009EPSS
CVE
CVE
added 2023/10/10 1:15 p.m.498 views

CVE-2023-43786

A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.

5.5CVSS6.5AI score0.00056EPSS
CVE
CVE
added 2023/03/23 8:15 p.m.493 views

CVE-2023-1289

A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of ...

5.5CVSS5.5AI score0.001EPSS
CVE
CVE
added 2019/10/09 4:15 p.m.485 views

CVE-2019-6465

Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9...

5.3CVSS6.3AI score0.00602EPSS
CVE
CVE
added 2023/09/13 5:15 p.m.481 views

CVE-2023-4155

A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple time...

5.6CVSS6.2AI score0.00008EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.472 views

CVE-2023-4693

An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to b...

5.3CVSS6.1AI score0.0001EPSS
CVE
CVE
added 2023/10/12 12:15 p.m.466 views

CVE-2023-43789

A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system.

5.5CVSS5.8AI score0.00036EPSS
CVE
CVE
added 2021/06/09 8:15 p.m.416 views

CVE-2021-0129

Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.

5.7CVSS6.3AI score0.00123EPSS
CVE
CVE
added 2019/03/21 4:1 p.m.404 views

CVE-2019-6454

An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message t...

5.5CVSS5.5AI score0.00154EPSS
CVE
CVE
added 2019/04/22 10:29 p.m.388 views

CVE-2019-11459

The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files.

5.5CVSS5.5AI score0.00451EPSS
CVE
CVE
added 2021/05/11 11:15 p.m.382 views

CVE-2021-3504

A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivex_open function. An attacker could input a specially crafted Windows Registry (hive) file which would cause hivex to read memory beyond its normal bounds or cause the program t...

5.8CVSS5.3AI score0.00121EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.378 views

CVE-2019-2975

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple proto...

5.8CVSS4.8AI score0.0028EPSS
CVE
CVE
added 2022/08/23 8:15 p.m.375 views

CVE-2021-3997

A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.

5.5CVSS5.4AI score0.00038EPSS
CVE
CVE
added 2022/08/26 4:15 p.m.373 views

CVE-2021-3669

A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.

5.5CVSS6.3AI score0.00008EPSS
CVE
CVE
added 2019/05/15 1:29 p.m.369 views

CVE-2019-11833

fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.

5.5CVSS6.4AI score0.00017EPSS
CVE
CVE
added 2022/08/29 3:15 p.m.360 views

CVE-2022-1016

A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.

5.5CVSS6AI score0.0001EPSS
CVE
CVE
added 2023/07/25 4:15 p.m.359 views

CVE-2023-3772

A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.

5.5CVSS6.1AI score0.0001EPSS
CVE
CVE
added 2020/06/26 4:15 p.m.357 views

CVE-2020-10769

A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read th...

5.5CVSS5.8AI score0.00084EPSS
CVE
CVE
added 2024/01/18 4:15 p.m.357 views

CVE-2024-0408

A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as...

5.5CVSS6.4AI score0.00019EPSS
CVE
CVE
added 2023/09/13 5:15 p.m.355 views

CVE-2023-3301

A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service.

5.6CVSS5.9AI score0.00006EPSS
CVE
CVE
added 2020/10/06 2:15 p.m.353 views

CVE-2020-25641

A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue req...

5.5CVSS5.8AI score0.0005EPSS
CVE
CVE
added 2023/12/19 12:15 a.m.349 views

CVE-2023-6918

A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the unini...

5.3CVSS5.7AI score0.00363EPSS
CVE
CVE
added 2023/05/30 10:15 p.m.347 views

CVE-2023-34151

A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546).

5.5CVSS6.4AI score0.001EPSS
CVE
CVE
added 2023/08/03 3:15 p.m.347 views

CVE-2023-4133

A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of service condition.

5.5CVSS5.9AI score0.00009EPSS
CVE
CVE
added 2021/08/05 8:15 p.m.336 views

CVE-2021-3679

A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service...

5.5CVSS6.1AI score0.01289EPSS
CVE
CVE
added 2022/02/09 11:15 p.m.336 views

CVE-2022-0530

A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.

5.5CVSS5.3AI score0.00123EPSS
Total number of security vulnerabilities325