Linux Enterprise

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-12	CVE-2024-23301	Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. local low complexity relax-and-recover suse redhat fedoraproject	5.5
2023-05-31	CVE-2023-34256	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel before 6.3.3. local low complexity linux suse debian CWE-125	5.5
2022-08-24	CVE-2021-4028	A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. local low complexity linux suse	7.8
2022-01-01	CVE-2021-41819	Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. network low complexity ruby-lang redhat debian suse opensuse fedoraproject CWE-565	7.5
2022-01-01	CVE-2021-41817	Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. network low complexity ruby-lang redhat fedoraproject debian suse opensuse	7.5
2021-12-25	CVE-2021-4166	vim is vulnerable to Out-of-bounds Read local low complexity vim redhat suse opensuse debian fedoraproject apple	7.1
2020-06-15	CVE-2020-14147	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow. network low complexity redislabs oracle suse debian CWE-190	7.7
2018-07-23	CVE-2018-14523	Out-of-bounds Read vulnerability in multiple products An issue was discovered in aubio 0.4.6. network low complexity aubio opensuse suse CWE-125	8.8
2018-07-23	CVE-2018-14522	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in aubio 0.4.6. network low complexity aubio opensuse suse CWE-119	8.8
2017-04-12	CVE-2016-9959	Out-of-bounds Write vulnerability in multiple products game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values. local low complexity opensuse-project suse opensuse game-music-emu-project CWE-787	7.8