CVE-2021-4048
- EPSS 0.37%
- Published 08.12.2021 22:15:10
- Last modified 21.11.2024 06:36:47
An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application u...
CVE-2021-3802
- EPSS 0.03%
- Published 29.11.2021 16:15:07
- Last modified 21.11.2024 06:22:28
A vulnerability was found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability.
CVE-2021-3672
- EPSS 0.11%
- Published 23.11.2021 19:15:07
- Last modified 21.11.2024 06:22:07
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulner...
CVE-2021-3935
- EPSS 0.37%
- Published 22.11.2021 16:15:07
- Last modified 21.11.2024 06:22:48
When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate verification and encryption. This flaw affects PgBounc...
CVE-2021-43389
- EPSS 0.01%
- Published 04.11.2021 19:15:07
- Last modified 21.11.2024 06:29:08
An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.
CVE-2021-3746
- EPSS 0.27%
- Published 19.10.2021 15:15:08
- Last modified 21.11.2024 06:22:19
A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers. The vulnerability is triggered by specially-crafted TPM2 command packets that then trigger the issue when the state of the TPM2's volatile state is wr...
CVE-2021-32672
- EPSS 0.29%
- Published 04.10.2021 18:15:08
- Last modified 21.11.2024 06:07:30
Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions o...
CVE-2021-3653
- EPSS 0.01%
- Published 29.09.2021 20:15:08
- Last modified 21.11.2024 06:22:04
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the ...
- EPSS 94.43%
- Published 16.09.2021 15:15:07
- Last modified 16.05.2025 15:27:13
A crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2021-39251
- EPSS 0.02%
- Published 07.09.2021 15:15:07
- Last modified 21.11.2024 06:19:01
A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22.