Redhat

Enterprise Linux Server Aus

1054 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2020-14372

  • EPSS 1.21%
  • Published 03.03.2021 17:15:11
  • Last modified 21.11.2024 05:03:07

A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) cont...

8.2

CVE-2020-25632

  • EPSS 0.02%
  • Published 03.03.2021 17:15:11
  • Last modified 21.11.2024 05:18:17

A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow ...

7.6

CVE-2020-25647

  • EPSS 0.01%
  • Published 03.03.2021 17:15:11
  • Last modified 21.11.2024 05:18:19

A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read with very little bounds checking and assumes the USB device is providing sane values. If properly exploited, an attacker could trigger memory ...

7.2

CVE-2020-27749

  • EPSS 0.04%
  • Published 03.03.2021 17:15:11
  • Last modified 21.11.2024 05:21:45

A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If t...

7.5

CVE-2020-27779

  • EPSS 0.02%
  • Published 03.03.2021 17:15:11
  • Last modified 21.11.2024 05:21:49

A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper ...

7.2

CVE-2021-20225

  • EPSS 0.05%
  • Published 03.03.2021 17:15:11
  • Last modified 21.11.2024 05:46:09

A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from thi...

7.5

CVE-2020-9490

  • EPSS 75.82%
  • Published 07.08.2020 16:15:12
  • Last modified 21.11.2024 05:40:45

Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via ...

6

CVE-2020-14310

  • EPSS 0.05%
  • Published 31.07.2020 22:15:11
  • Last modified 21.11.2024 05:02:58

There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font val...

6

CVE-2020-14311

  • EPSS 0.03%
  • Published 31.07.2020 22:15:11
  • Last modified 21.11.2024 05:02:58

There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subseque...

7.5

CVE-2019-15604

Exploit
  • EPSS 4.72%
  • Published 07.02.2020 15:15:11
  • Last modified 21.11.2024 04:29:06

Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate