Vulnerabilities > Redhat > Enterprise Linux AUS > High

DATE CVE VULNERABILITY TITLE RISK
2024-06-12 CVE-2024-3183 Unspecified vulnerability in Redhat products
A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key.
network
low complexity
redhat
8.1
2024-02-09 CVE-2024-0229 An out-of-bounds memory access flaw was found in the X.Org server.
local
low complexity
x-org fedoraproject redhat
7.8
2023-11-01 CVE-2023-3972 Exposure of Resource to Wrong Sphere vulnerability in Redhat products
A vulnerability was found in insights-client.
local
low complexity
redhat CWE-668
7.8
2023-03-27 CVE-2023-0494 Use After Free vulnerability in multiple products
A vulnerability was found in X.Org.
local
low complexity
x-org fedoraproject redhat CWE-416
7.8
2022-03-03 CVE-2021-3609 .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges.
local
high complexity
linux redhat netapp
7.0
2021-07-09 CVE-2021-3570 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the ptp4l program of the linuxptp package.
8.8
2019-08-14 CVE-2019-9506 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation.
8.1
2019-06-19 CVE-2019-11478 Resource Exhaustion vulnerability in multiple products
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences.
network
low complexity
linux f5 canonical redhat pulsesecure ivanti CWE-400
7.5
2019-06-19 CVE-2019-11477 Integer Overflow or Wraparound vulnerability in multiple products
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs).
network
low complexity
linux f5 canonical redhat pulsesecure ivanti CWE-190
7.5
2019-05-07 CVE-2019-11811 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.0.4.
local
high complexity
linux redhat opensuse CWE-416
7.0