Vulnerabilities > Redhat > Enterprise Linux FOR ARM 64 > High

DATE CVE VULNERABILITY TITLE RISK
2024-08-12 CVE-2024-7006 A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`.
network
low complexity
libtiff redhat
7.5
2024-07-01 CVE-2024-6387 Race Condition vulnerability in multiple products
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd).
8.1
2023-12-10 CVE-2023-5869 Integer Overflow or Wraparound vulnerability in multiple products
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification.
network
low complexity
postgresql redhat CWE-190
8.8
2023-11-03 CVE-2023-46847 Classic Buffer Overflow vulnerability in multiple products
Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.
network
low complexity
squid-cache redhat CWE-120
7.5
2023-11-01 CVE-2023-3972 Exposure of Resource to Wrong Sphere vulnerability in Redhat products
A vulnerability was found in insights-client.
local
low complexity
redhat CWE-668
7.8
2023-10-23 CVE-2023-5633 Use After Free vulnerability in multiple products
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface.
local
low complexity
linux redhat CWE-416
7.8
2023-09-27 CVE-2023-5157 A vulnerability was found in MariaDB.
network
low complexity
mariadb fedoraproject redhat
7.5
2023-08-23 CVE-2023-3899 Incorrect Authorization vulnerability in multiple products
A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization.
local
low complexity
redhat fedoraproject CWE-863
7.8
2019-07-17 CVE-2019-13272 In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). 7.8
2019-04-08 CVE-2019-0211 Use After Free vulnerability in multiple products
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard.
7.8