Redhat

Enterprise Linux For Arm 64

43 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.3

CVE-2024-1488

  • EPSS 0.07%
  • Veröffentlicht 15.02.2024 05:15:10
  • Zuletzt bearbeitet 30.01.2025 22:15:09

A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuratio...

5.3

CVE-2023-6681

  • EPSS 0.03%
  • Veröffentlicht 12.02.2024 14:15:08
  • Zuletzt bearbeitet 21.11.2024 08:44:20

A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service (DoS) attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computati...

5.9

CVE-2023-5992

Exploit
  • EPSS 0.28%
  • Veröffentlicht 31.01.2024 14:15:48
  • Zuletzt bearbeitet 03.11.2025 22:16:32

A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data.

5.5

CVE-2023-4641

  • EPSS 0.02%
  • Veröffentlicht 27.12.2023 16:15:13
  • Zuletzt bearbeitet 03.11.2025 20:16:05

A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker w...

4.4

CVE-2023-5870

  • EPSS 0.5%
  • Veröffentlicht 10.12.2023 18:15:07
  • Zuletzt bearbeitet 04.11.2025 20:17:14

A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension wi...

8.8

CVE-2023-5869

  • EPSS 1.24%
  • Veröffentlicht 10.12.2023 18:15:07
  • Zuletzt bearbeitet 04.11.2025 20:17:13

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remo...

4.3

CVE-2023-5868

  • EPSS 2.1%
  • Veröffentlicht 10.12.2023 18:15:07
  • Zuletzt bearbeitet 04.11.2025 20:17:13

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals witho...

7.5

CVE-2023-46847

  • EPSS 45.33%
  • Veröffentlicht 03.11.2023 08:15:08
  • Zuletzt bearbeitet 21.11.2024 08:29:25

Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.

5.3

CVE-2023-46846

  • EPSS 9.85%
  • Veröffentlicht 03.11.2023 08:15:07
  • Zuletzt bearbeitet 18.12.2024 01:15:06

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.

7.8

CVE-2023-3972

  • EPSS 0.01%
  • Veröffentlicht 01.11.2023 16:15:08
  • Zuletzt bearbeitet 21.11.2024 08:18:25

A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered...