Vulnerabilities > Redhat > Enterprise Linux Server FOR Power Little Endian Update Services FOR SAP Solutions > 8.4

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-10	CVE-2023-5455	Cross-Site Request Forgery (CSRF) vulnerability in multiple products A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. network low complexity freeipa fedoraproject redhat CWE-352	6.5
2023-11-01	CVE-2023-3972	Exposure of Resource to Wrong Sphere vulnerability in Redhat products A vulnerability was found in insights-client. local low complexity redhat CWE-668	7.8
2023-08-23	CVE-2023-3899	Incorrect Authorization vulnerability in multiple products A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. local low complexity redhat fedoraproject CWE-863	7.8
2023-03-27	CVE-2023-0494	Use After Free vulnerability in multiple products A vulnerability was found in X.Org. local low complexity x-org fedoraproject redhat CWE-416	7.8
2023-03-06	CVE-2019-8720	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A vulnerability was found in WebKit. network low complexity webkitgtk wpewebkit redhat CWE-119	8.8
2022-07-06	CVE-2021-3695	Out-of-bounds Write vulnerability in multiple products A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. local high complexity gnu fedoraproject redhat netapp CWE-787	4.5
2022-07-06	CVE-2021-3696	Out-of-bounds Write vulnerability in multiple products A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. local high complexity gnu redhat netapp CWE-787	4.5
2022-07-06	CVE-2021-3697	Out-of-bounds Write vulnerability in multiple products A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. local high complexity gnu redhat CWE-787	7.0
2022-04-04	CVE-2022-27649	Incorrect Default Permissions vulnerability in multiple products A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. network high complexity podman-project redhat fedoraproject CWE-276	7.5
2022-03-25	CVE-2022-0330	A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. local low complexity linux redhat fedoraproject netapp	7.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.