Vulnerabilities > Redhat > Enterprise Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-24 | CVE-2023-3640 | Information Exposure Through Discrepancy vulnerability in multiple products A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. | 7.8 |
| 2023-07-24 | CVE-2023-3812 | Use After Free vulnerability in multiple products An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. | 7.8 |
| 2023-07-20 | CVE-2023-34966 | Infinite Loop vulnerability in multiple products An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. | 7.5 |
| 2023-07-11 | CVE-2023-3354 | NULL Pointer Dereference vulnerability in multiple products A flaw was found in the QEMU built-in VNC server. | 7.5 |
| 2023-07-11 | CVE-2023-3269 | Use After Free vulnerability in multiple products A vulnerability exists in the memory management subsystem of the Linux kernel. | 7.8 |
| 2023-07-10 | CVE-2023-34432 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow vulnerability was found in sox, in the lsx_readbuf function at sox/src/formats_i.c:98:16. | 7.8 |
| 2023-07-10 | CVE-2023-34318 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. | 7.8 |
| 2023-06-28 | CVE-2023-3138 | Out-of-bounds Write vulnerability in multiple products A vulnerability was found in libX11. | 7.5 |
| 2023-06-23 | CVE-2023-32373 | Use After Free vulnerability in multiple products A use-after-free issue was addressed with improved memory management. | 8.8 |
| 2023-06-09 | CVE-2023-2454 | schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code. | 7.2 |