Vulnerabilities > Redhat > Enterprise Linux Desktop > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-31 | CVE-2024-1086 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660. | 7.8 |
2024-01-18 | CVE-2024-0409 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the X.Org server. | 7.8 |
2023-12-10 | CVE-2023-5869 | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. | 8.8 |
2023-11-01 | CVE-2023-3972 | Exposure of Resource to Wrong Sphere vulnerability in Redhat products A vulnerability was found in insights-client. | 7.8 |
2023-10-25 | CVE-2023-5367 | Out-of-bounds Write vulnerability in multiple products A out-of-bounds write flaw was found in the xorg-x11-server. | 7.8 |
2023-08-23 | CVE-2023-3899 | Incorrect Authorization vulnerability in multiple products A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. | 7.8 |
2023-03-27 | CVE-2023-0494 | Use After Free vulnerability in multiple products A vulnerability was found in X.Org. | 7.8 |
2023-03-06 | CVE-2019-8720 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A vulnerability was found in WebKit. | 8.8 |
2023-02-01 | CVE-2022-4254 | sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters | 8.8 |
2022-09-29 | CVE-2014-0144 | Improper Input Validation vulnerability in multiple products QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privileges of the QEMU process. | 8.6 |