Redhat

Enterprise Linux

1714 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2023-40745

  • EPSS 0.26%
  • Veröffentlicht 05.10.2023 19:15:11
  • Zuletzt bearbeitet 21.11.2024 08:20:03

LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

6.5

CVE-2023-41175

  • EPSS 0.26%
  • Veröffentlicht 05.10.2023 19:15:11
  • Zuletzt bearbeitet 04.12.2024 08:15:05

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based...

5.5

CVE-2023-42754

Exploit
  • EPSS 0.01%
  • Veröffentlicht 05.10.2023 19:15:11
  • Zuletzt bearbeitet 21.11.2024 08:23:06

A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue...

5.5

CVE-2023-42755

Exploit
  • EPSS 0.01%
  • Veröffentlicht 05.10.2023 19:15:11
  • Zuletzt bearbeitet 21.11.2024 08:23:06

A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a loca...

8.2

CVE-2023-39191

  • EPSS 0.01%
  • Veröffentlicht 04.10.2023 19:15:10
  • Zuletzt bearbeitet 21.11.2024 08:14:52

An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with...

5.5

CVE-2023-3576

  • EPSS 0.03%
  • Veröffentlicht 04.10.2023 19:15:10
  • Zuletzt bearbeitet 21.11.2024 08:17:35

A memory leak flaw was found in Libtiff's tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to pass a crafted TIFF image file to tiffcrop utility, which causes this memory leak issue, resulting an a...

5.9

CVE-2022-4132

  • EPSS 0.07%
  • Veröffentlicht 04.10.2023 12:15:10
  • Zuletzt bearbeitet 21.11.2024 07:34:38

A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way (repeatedly hitting the login page).

7.8

CVE-2023-4911

Warnung Exploit
  • EPSS 69.79%
  • Veröffentlicht 03.10.2023 18:15:10
  • Zuletzt bearbeitet 06.11.2025 14:50:50

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launch...

4.7

CVE-2023-4732

  • EPSS 0.01%
  • Veröffentlicht 03.10.2023 17:15:09
  • Zuletzt bearbeitet 21.11.2024 08:35:51

A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x.

7.5

CVE-2023-44488

  • EPSS 1.45%
  • Veröffentlicht 30.09.2023 20:15:10
  • Zuletzt bearbeitet 21.11.2024 08:25:59

VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.