Vulnerabilities > Redhat > Enterprise Linux FOR Power BIG Endian > High

DATE CVE VULNERABILITY TITLE RISK
2024-01-31 CVE-2024-1086 Use After Free vulnerability in multiple products
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.
7.8
2024-01-18 CVE-2024-0409 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the X.Org server.
local
low complexity
x-org tigervnc redhat fedoraproject CWE-787
7.8
2023-12-10 CVE-2023-5869 Integer Overflow or Wraparound vulnerability in multiple products
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification.
network
low complexity
postgresql redhat CWE-190
8.8
2023-11-01 CVE-2023-3972 Exposure of Resource to Wrong Sphere vulnerability in Redhat products
A vulnerability was found in insights-client.
local
low complexity
redhat CWE-668
7.8
2023-10-25 CVE-2023-5367 Out-of-bounds Write vulnerability in multiple products
A out-of-bounds write flaw was found in the xorg-x11-server.
local
low complexity
x-org redhat fedoraproject debian CWE-787
7.8
2023-08-23 CVE-2023-3899 Incorrect Authorization vulnerability in multiple products
A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization.
local
low complexity
redhat fedoraproject CWE-863
7.8
2023-03-27 CVE-2023-0494 Use After Free vulnerability in multiple products
A vulnerability was found in X.Org.
local
low complexity
x-org fedoraproject redhat CWE-416
7.8
2023-03-06 CVE-2019-8720 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A vulnerability was found in WebKit.
network
low complexity
webkitgtk wpewebkit redhat CWE-119
8.8
2023-02-01 CVE-2022-4254 LDAP Injection vulnerability in multiple products
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
network
low complexity
fedoraproject redhat CWE-90
8.8
2022-03-25 CVE-2022-0330 Improper Preservation of Permissions vulnerability in multiple products
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU.
local
low complexity
linux redhat fedoraproject netapp CWE-281
7.8