Redhat

Enterprise Linux Server Aus

1059 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.4

CVE-2023-5870

  • EPSS 0.62%
  • Veröffentlicht 10.12.2023 18:15:07
  • Zuletzt bearbeitet 04.11.2025 20:17:14

A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension wi...

7.1

CVE-2023-6606

Exploit
  • EPSS 0.01%
  • Veröffentlicht 08.12.2023 17:15:07
  • Zuletzt bearbeitet 21.11.2024 08:44:11

An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.

7.5

CVE-2023-46847

  • EPSS 38.21%
  • Veröffentlicht 03.11.2023 08:15:08
  • Zuletzt bearbeitet 21.11.2024 08:29:25

Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.

7.5

CVE-2023-46848

  • EPSS 7.16%
  • Veröffentlicht 03.11.2023 08:15:08
  • Zuletzt bearbeitet 21.11.2024 08:29:25

Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.

5.3

CVE-2023-46846

  • EPSS 9.58%
  • Veröffentlicht 03.11.2023 08:15:07
  • Zuletzt bearbeitet 18.12.2024 01:15:06

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.

7.8

CVE-2023-3972

  • EPSS 0.01%
  • Veröffentlicht 01.11.2023 16:15:08
  • Zuletzt bearbeitet 21.11.2024 08:18:25

A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered...

7.8

CVE-2023-5633

  • EPSS 0.02%
  • Veröffentlicht 23.10.2023 22:15:09
  • Zuletzt bearbeitet 25.02.2026 19:29:20

The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acce...

7.8

CVE-2023-4911

Warnung Exploit
  • EPSS 71.53%
  • Veröffentlicht 03.10.2023 18:15:10
  • Zuletzt bearbeitet 12.05.2026 16:24:45

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launch...

7.5

CVE-2023-5157

  • EPSS 0.6%
  • Veröffentlicht 27.09.2023 15:19:41
  • Zuletzt bearbeitet 01.10.2025 15:15:41

A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service.

6.5

CVE-2023-4527

Exploit
  • EPSS 0.11%
  • Veröffentlicht 18.09.2023 17:15:55
  • Zuletzt bearbeitet 12.05.2026 11:16:15

A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack con...