Enterprise Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2024-11-12	CVE-2024-49394	Improper Verification of Cryptographic Signature vulnerability in multiple products In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender. network low complexity neomutt mutt redhat CWE-347	5.3
2024-11-12	CVE-2024-49395	In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info. network low complexity neomutt mutt redhat	5.3
2024-11-12	CVE-2024-49393	Improper Verification of Cryptographic Signature vulnerability in multiple products In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality. network high complexity neomutt mutt redhat CWE-347	5.9
2024-10-29	CVE-2024-50074	Out-of-bounds Read vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesses replaced sprintf() calls blindly with snprintf(). local low complexity linux redhat CWE-125	7.8
2024-09-19	CVE-2024-8354	Reachable Assertion vulnerability in multiple products A flaw was found in QEMU. local low complexity redhat qemu CWE-617	5.5
2024-09-10	CVE-2024-8443	Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. high complexity opensc-project redhat CWE-787	2.9
2024-09-03	CVE-2024-45615	Use of Uninitialized Resource vulnerability in multiple products A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. high complexity redhat opensc-project CWE-908	3.9
2024-09-03	CVE-2024-45616	Use of Uninitialized Resource vulnerability in multiple products A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. high complexity redhat opensc-project CWE-908	3.9
2024-09-03	CVE-2024-45617	Use of Uninitialized Resource vulnerability in multiple products A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. high complexity redhat opensc-project CWE-908	3.9
2024-09-03	CVE-2024-45618	Use of Uninitialized Resource vulnerability in multiple products A vulnerability was found in pkcs15-init in OpenSC. high complexity redhat opensc-project CWE-908	3.9