Vulnerabilities > Redhat > Enterprise Linux Server EUS > High

DATE CVE VULNERABILITY TITLE RISK
2022-01-28 CVE-2021-4034 Out-of-bounds Write vulnerability in multiple products
A local privilege escalation vulnerability was found on polkit's pkexec utility.
7.8
2021-03-03 CVE-2021-20233 Out-of-bounds Write vulnerability in multiple products
A flaw was found in grub2 in versions prior to 2.06.
local
low complexity
gnu redhat fedoraproject netapp CWE-787
8.2
2021-03-03 CVE-2020-27779 A flaw was found in grub2 in versions prior to 2.06.
local
high complexity
gnu redhat fedoraproject netapp
7.5
2021-03-03 CVE-2020-25647 Out-of-bounds Write vulnerability in multiple products
A flaw was found in grub2 in versions prior to 2.06.
7.6
2021-03-03 CVE-2020-25632 Use After Free vulnerability in multiple products
A flaw was found in grub2 in versions prior to 2.06.
local
low complexity
gnu redhat fedoraproject netapp CWE-416
8.2
2021-03-03 CVE-2020-14372 Incomplete Blacklist vulnerability in multiple products
A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled.
local
high complexity
gnu redhat fedoraproject netapp CWE-184
7.5
2020-02-08 CVE-2012-4512 Type Confusion vulnerability in multiple products
The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion."
network
low complexity
kde redhat CWE-843
8.8
2020-01-31 CVE-2014-8141 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
local
low complexity
unzip-project redhat CWE-787
7.8
2020-01-31 CVE-2014-8140 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
local
low complexity
unzip-project redhat CWE-787
7.8
2020-01-31 CVE-2014-8139 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
local
low complexity
unzip-project redhat CWE-787
7.8