Vulnerabilities > Redhat > Enterprise Linux FOR IBM Z Systems > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-27 | CVE-2025-1755 | Untrusted Search Path vulnerability in multiple products MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privileges, when a crafted file is stored in C:\node_modules\. | 7.8 |
| 2025-02-27 | CVE-2025-1756 | Untrusted Search Path vulnerability in multiple products mongosh may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privilege, when a crafted file is stored in C:\node_modules\. | 7.8 |
| 2024-10-09 | CVE-2024-9675 | A vulnerability was found in Buildah. | 7.8 |
| 2024-07-01 | CVE-2024-6387 | Race Condition vulnerability in multiple products A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). | 8.1 |
| 2024-04-16 | CVE-2022-24805 | Classic Buffer Overflow vulnerability in multiple products net-snmp provides various tools relating to the Simple Network Management Protocol. | 8.8 |
| 2024-02-15 | CVE-2024-1488 | A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. | 7.3 |
| 2024-01-31 | CVE-2024-1086 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660. | 7.8 |
| 2024-01-18 | CVE-2024-0409 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the X.Org server. | 7.8 |
| 2023-12-10 | CVE-2023-5869 | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. | 8.8 |
| 2023-11-03 | CVE-2023-46847 | Classic Buffer Overflow vulnerability in multiple products Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication. | 7.5 |