Vulnerabilities > Redhat > Enterprise Linux Server TUS > 8.4

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-15	CVE-2024-1488	A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. local low complexity fedoraproject redhat	7.3
2024-01-10	CVE-2023-5455	Cross-Site Request Forgery (CSRF) vulnerability in multiple products A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. network low complexity freeipa fedoraproject redhat CWE-352	6.5
2023-12-10	CVE-2023-5868	A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. network low complexity postgresql redhat	4.3
2023-12-10	CVE-2023-5869	Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. network low complexity postgresql redhat CWE-190	8.8
2023-12-10	CVE-2023-5870	A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. network high complexity postgresql redhat	4.4
2023-11-03	CVE-2023-46846	HTTP Request Smuggling vulnerability in multiple products SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems. network low complexity squid-cache redhat CWE-444	5.3
2023-11-03	CVE-2023-46847	Classic Buffer Overflow vulnerability in multiple products Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication. network low complexity squid-cache redhat CWE-120	7.5
2023-11-01	CVE-2023-3972	Exposure of Resource to Wrong Sphere vulnerability in Redhat products A vulnerability was found in insights-client. local low complexity redhat CWE-668	7.8
2023-09-27	CVE-2023-5157	A vulnerability was found in MariaDB. network low complexity mariadb fedoraproject redhat	7.5
2023-08-23	CVE-2023-3899	Incorrect Authorization vulnerability in multiple products A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. local low complexity redhat fedoraproject CWE-863	7.8