Redhat

Enterprise Linux For Scientific Computing

71 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2024-0409

  • EPSS 0.02%
  • Veröffentlicht 18.01.2024 16:15:08
  • Zuletzt bearbeitet 29.08.2025 13:42:30

A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX contex...

5.5

CVE-2024-0408

  • EPSS 0.02%
  • Veröffentlicht 18.01.2024 16:15:08
  • Zuletzt bearbeitet 29.08.2025 13:42:30

A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another r...

6.5

CVE-2023-5455

  • EPSS 0.37%
  • Veröffentlicht 10.01.2024 13:15:48
  • Zuletzt bearbeitet 21.11.2024 08:41:47

A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of ...

8.8

CVE-2023-5869

  • EPSS 1.61%
  • Veröffentlicht 10.12.2023 18:15:07
  • Zuletzt bearbeitet 21.11.2024 08:42:40

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remo...

7.8

CVE-2023-3972

  • EPSS 0.01%
  • Veröffentlicht 01.11.2023 16:15:08
  • Zuletzt bearbeitet 21.11.2024 08:18:25

A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered...

7.8

CVE-2023-5367

  • EPSS 0.06%
  • Veröffentlicht 25.10.2023 20:15:18
  • Zuletzt bearbeitet 04.08.2025 21:15:27

A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProp...

7.8

CVE-2023-3899

  • EPSS 0.03%
  • Veröffentlicht 23.08.2023 11:15:07
  • Zuletzt bearbeitet 21.11.2024 08:18:19

A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the reg...

7.8

CVE-2023-0494

  • EPSS 0.58%
  • Veröffentlicht 27.03.2023 21:15:10
  • Zuletzt bearbeitet 24.02.2025 18:15:16

A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege...

8.8

CVE-2019-8720

Warnung
  • EPSS 8.24%
  • Veröffentlicht 06.03.2023 23:15:10
  • Zuletzt bearbeitet 27.03.2025 14:08:19

A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues.

8.8

CVE-2022-4254

Exploit
  • EPSS 0.09%
  • Veröffentlicht 01.02.2023 17:15:09
  • Zuletzt bearbeitet 27.03.2025 15:15:41

sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters