Vulnerabilities > Redhat > Enterprise Linux Server AUS > 8.6

DATE CVE VULNERABILITY TITLE RISK
2023-11-03 CVE-2023-46847 Classic Buffer Overflow vulnerability in multiple products
Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.
network
low complexity
squid-cache redhat CWE-120
7.5
2023-10-03 CVE-2023-4911 Out-of-bounds Write vulnerability in multiple products
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable.
7.8
2023-09-27 CVE-2023-5157 A vulnerability was found in MariaDB.
network
low complexity
mariadb fedoraproject redhat
7.5
2023-08-23 CVE-2023-3899 Incorrect Authorization vulnerability in multiple products
A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization.
local
low complexity
redhat fedoraproject CWE-863
7.8
2023-03-06 CVE-2019-8720 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A vulnerability was found in WebKit.
network
low complexity
webkitgtk wpewebkit redhat CWE-119
8.8
2022-08-26 CVE-2021-3669 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A flaw was found in the Linux kernel.
local
low complexity
linux ibm debian fedoraproject redhat CWE-770
5.5
2022-08-23 CVE-2021-23177 An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link.
local
low complexity
libarchive fedoraproject redhat debian
7.8
2022-08-23 CVE-2021-31566 An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. 7.8
2022-08-22 CVE-2021-3659 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection.
local
low complexity
linux fedoraproject redhat CWE-476
5.5
2022-07-06 CVE-2021-3695 Out-of-bounds Write vulnerability in multiple products
A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area.
local
high complexity
gnu fedoraproject redhat netapp CWE-787
4.5