Vulnerabilities > Redhat > Enterprise Linux TUS > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-12 | CVE-2024-3183 | Use of Password Hash With Insufficient Computational Effort vulnerability in Redhat products A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. | 8.1 |
| 2024-02-09 | CVE-2024-0229 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds memory access flaw was found in the X.Org server. | 7.8 |
| 2022-02-18 | CVE-2020-25717 | Improper Input Validation vulnerability in multiple products A flaw was found in the way Samba maps domain users to local users. | 8.1 |
| 2021-07-09 | CVE-2021-3570 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the ptp4l program of the linuxptp package. | 8.8 |
| 2020-09-11 | CVE-2020-1045 | <p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p> <p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.</p> <p>The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.</p> | 7.5 |
| 2019-09-20 | CVE-2019-14816 | Heap-based Buffer Overflow vulnerability in multiple products There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. | 7.8 |
| 2017-10-05 | CVE-2017-15041 | Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. | 7.5 |
| 2016-11-10 | CVE-2016-5195 | Race Condition vulnerability in multiple products Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW." | 7.0 |