Redhat

Enterprise Linux Server Aus

1054 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-6536

  • EPSS 0.03%
  • Published 07.02.2024 21:15:08
  • Last modified 21.11.2024 08:44:03

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, caus...

5.9

CVE-2023-5992

Exploit
  • EPSS 0.21%
  • Published 31.01.2024 14:15:48
  • Last modified 21.11.2024 08:42:56

A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data.

6.5

CVE-2023-5455

  • EPSS 0.37%
  • Published 10.01.2024 13:15:48
  • Last modified 21.11.2024 08:41:47

A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of ...

4.3

CVE-2023-5868

  • EPSS 2.72%
  • Published 10.12.2023 18:15:07
  • Last modified 21.11.2024 08:42:40

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals witho...

8.8

CVE-2023-5869

  • EPSS 1.61%
  • Published 10.12.2023 18:15:07
  • Last modified 21.11.2024 08:42:40

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remo...

4.4

CVE-2023-5870

  • EPSS 0.65%
  • Published 10.12.2023 18:15:07
  • Last modified 21.11.2024 08:42:40

A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension wi...

7.1

CVE-2023-6606

Exploit
  • EPSS 0.01%
  • Published 08.12.2023 17:15:07
  • Last modified 21.11.2024 08:44:11

An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.

7.5

CVE-2023-46847

  • EPSS 50.11%
  • Published 03.11.2023 08:15:08
  • Last modified 21.11.2024 08:29:25

Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.

7.5

CVE-2023-46848

  • EPSS 8.23%
  • Published 03.11.2023 08:15:08
  • Last modified 21.11.2024 08:29:25

Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.

5.3

CVE-2023-46846

  • EPSS 9.62%
  • Published 03.11.2023 08:15:07
  • Last modified 18.12.2024 01:15:06

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.