Vulnerabilities > Redhat > Enterprise Linux FOR IBM Z Systems

DATE CVE VULNERABILITY TITLE RISK
2024-07-01 CVE-2024-6387 Race Condition vulnerability in multiple products
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). 		8.1
8.1
2024-06-06 CVE-2024-3049 Insufficient Verification of Data Authenticity vulnerability in multiple products
A flaw was found in Booth, a cluster ticket manager.
network
high complexity
clusterlabs redhat CWE-345
5.9
5.9
2024-02-12 CVE-2023-6681 Resource Exhaustion vulnerability in multiple products
A vulnerability was found in JWCrypto.
network
low complexity
latchset redhat fedoraproject CWE-400
5.3
5.3
2024-01-31 CVE-2023-5992 Information Exposure Through Discrepancy vulnerability in multiple products
A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant.
network
high complexity
opensc-project redhat CWE-203
5.9
5.9
2024-01-31 CVE-2024-1086 Use After Free vulnerability in multiple products
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660. 		7.8
7.8
2024-01-18 CVE-2024-0408 A flaw was found in the X.Org server.
local
low complexity
x-org tigervnc redhat fedoraproject
5.5
5.5
2024-01-18 CVE-2024-0409 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the X.Org server.
local
low complexity
x-org tigervnc redhat fedoraproject CWE-787
7.8
7.8
2024-01-10 CVE-2023-5455 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA.
network
low complexity
freeipa fedoraproject redhat CWE-352
6.5
6.5
2023-12-27 CVE-2023-4641 Improper Authentication vulnerability in multiple products
A flaw was found in shadow-utils.
local
low complexity
shadow-maint redhat CWE-287
5.5
5.5
2023-12-10 CVE-2023-5868 A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments.
network
low complexity
postgresql redhat
4.3
4.3