Vulnerabilities > Redhat > Enterprise Linux Server
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-31 | CVE-2024-1086 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660. | 7.8 |
2024-01-18 | CVE-2024-0408 | A flaw was found in the X.Org server. | 5.5 |
2024-01-18 | CVE-2024-0409 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the X.Org server. | 7.8 |
2024-01-18 | CVE-2023-6816 | Out-of-bounds Write vulnerability in multiple products A flaw was found in X.Org server. | 9.8 |
2024-01-10 | CVE-2023-5455 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. | 6.5 |
2023-12-10 | CVE-2023-5869 | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. | 8.8 |
2023-11-03 | CVE-2023-46847 | Classic Buffer Overflow vulnerability in multiple products Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication. | 7.5 |
2023-11-01 | CVE-2023-3972 | Exposure of Resource to Wrong Sphere vulnerability in Redhat products A vulnerability was found in insights-client. | 7.8 |
2023-10-25 | CVE-2023-5367 | Out-of-bounds Write vulnerability in multiple products A out-of-bounds write flaw was found in the xorg-x11-server. | 7.8 |
2023-08-23 | CVE-2023-3899 | Incorrect Authorization vulnerability in multiple products A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. | 7.8 |