Enterprise Linux EUS

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-29	CVE-2015-1931	Cleartext Storage of Sensitive Information vulnerability in multiple products IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by reading a file. local low complexity ibm suse redhat CWE-312	5.5
2022-08-23	CVE-2021-3975	A use-after-free flaw was found in libvirt. network low complexity redhat canonical fedoraproject debian netapp	6.5
2022-08-23	CVE-2021-20316	Race Condition vulnerability in multiple products A flaw was found in the way Samba handled file/directory metadata. network high complexity samba debian redhat CWE-362	6.8
2022-08-23	CVE-2021-23177	An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. local low complexity libarchive fedoraproject redhat debian	7.8
2022-08-23	CVE-2021-31566	An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. local low complexity libarchive fedoraproject redhat debian splunk	7.8
2022-07-06	CVE-2021-3695	Out-of-bounds Write vulnerability in multiple products A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. local high complexity gnu fedoraproject redhat netapp CWE-787	4.5
2022-07-06	CVE-2021-3696	Out-of-bounds Write vulnerability in multiple products A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. local high complexity gnu redhat netapp CWE-787	4.5
2022-07-06	CVE-2021-3697	Out-of-bounds Write vulnerability in multiple products A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. local high complexity gnu redhat CWE-787	7.0
2022-04-29	CVE-2022-1227	Improper Privilege Management vulnerability in multiple products A privilege escalation flaw was found in Podman. network low complexity podman-project psgo-project redhat fedoraproject CWE-269	8.8
2022-04-04	CVE-2022-27649	Incorrect Default Permissions vulnerability in multiple products A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. network high complexity podman-project redhat fedoraproject CWE-276	7.5