Vulnerabilities > Redhat > Enterprise Linux Server AUS > High

DATE CVE VULNERABILITY TITLE RISK
2024-08-12 CVE-2024-7006 A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`.
network
low complexity
libtiff redhat
7.5
2024-07-01 CVE-2024-6387 Race Condition vulnerability in multiple products
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd).
8.1
2024-02-07 CVE-2023-6356 A flaw was found in the Linux kernel's NVMe driver.
network
low complexity
redhat linux debian
7.5
2024-02-07 CVE-2023-6535 A flaw was found in the Linux kernel's NVMe driver.
network
low complexity
linux redhat
7.5
2024-02-07 CVE-2023-6536 A flaw was found in the Linux kernel's NVMe driver.
network
low complexity
linux redhat debian
7.5
2023-12-10 CVE-2023-5869 Integer Overflow or Wraparound vulnerability in multiple products
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification.
network
low complexity
postgresql redhat CWE-190
8.8
2023-12-08 CVE-2023-6606 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel.
local
low complexity
linux redhat CWE-125
7.1
2023-11-03 CVE-2023-46847 Classic Buffer Overflow vulnerability in multiple products
Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.
network
low complexity
squid-cache redhat CWE-120
7.5
2023-11-03 CVE-2023-46848 Incorrect Conversion between Numeric Types vulnerability in multiple products
Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.
network
low complexity
squid-cache redhat CWE-681
7.5
2023-11-01 CVE-2023-3972 Exposure of Resource to Wrong Sphere vulnerability in Redhat products
A vulnerability was found in insights-client.
local
low complexity
redhat CWE-668
7.8