Enterprise Linux Server AUS

DATE	CVE	VULNERABILITY TITLE	RISK
2023-12-08	CVE-2023-6606	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. local low complexity linux redhat CWE-125	7.1
2023-11-03	CVE-2023-46846	HTTP Request Smuggling vulnerability in multiple products SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems. network low complexity squid-cache redhat CWE-444	5.3
2023-11-03	CVE-2023-46847	Classic Buffer Overflow vulnerability in multiple products Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication. network low complexity squid-cache redhat CWE-120	7.5
2023-11-03	CVE-2023-46848	Incorrect Conversion between Numeric Types vulnerability in multiple products Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input. network low complexity squid-cache redhat CWE-681	7.5
2023-11-01	CVE-2023-3972	Exposure of Resource to Wrong Sphere vulnerability in Redhat products A vulnerability was found in insights-client. local low complexity redhat CWE-668	7.8
2023-10-23	CVE-2023-5633	Use After Free vulnerability in multiple products The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. local low complexity linux redhat CWE-416	7.8
2023-10-03	CVE-2023-4911	Out-of-bounds Write vulnerability in multiple products A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. local low complexity gnu fedoraproject redhat debian canonical CWE-787	7.8
2023-09-27	CVE-2023-5157	A vulnerability was found in MariaDB. network low complexity mariadb fedoraproject redhat	7.5
2023-09-18	CVE-2023-4527	Out-of-bounds Read vulnerability in multiple products A flaw was found in glibc. network high complexity gnu redhat fedoraproject netapp CWE-125	6.5
2023-09-18	CVE-2023-4806	Use After Free vulnerability in multiple products A flaw was found in glibc. network high complexity gnu redhat fedoraproject CWE-416	5.9