Redhat

Enterprise Linux

1709 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7

CVE-2023-27561

Exploit
  • EPSS 0.12%
  • Published 03.03.2023 19:15:11
  • Last modified 06.12.2024 14:15:19

runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to ru...

3.7

CVE-2022-41862

  • EPSS 0.2%
  • Published 03.03.2023 16:15:09
  • Last modified 07.03.2025 16:15:36

In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing u...

5.5

CVE-2023-1095

  • EPSS 0.02%
  • Published 28.02.2023 23:15:11
  • Last modified 18.03.2025 16:15:16

In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this r...

7.4

CVE-2023-0361

Exploit
  • EPSS 1.2%
  • Published 15.02.2023 18:15:11
  • Last modified 19.03.2025 18:15:18

A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a s...

5.5

CVE-2022-3560

  • EPSS 0.02%
  • Published 02.02.2023 21:22:38
  • Last modified 26.03.2025 19:15:18

A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script to set ACLs for /etc/pki/pesign and /run/pesign directories to grant access privileges to users in the 'pesign'...

8.8

CVE-2022-4254

Exploit
  • EPSS 0.09%
  • Published 01.02.2023 17:15:09
  • Last modified 27.03.2025 15:15:41

sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters

5.5

CVE-2022-4285

Exploit
  • EPSS 0.03%
  • Published 27.01.2023 18:15:15
  • Last modified 28.03.2025 16:15:25

An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.

7.5

CVE-2022-4743

  • EPSS 0.05%
  • Published 12.01.2023 19:15:24
  • Last modified 08.04.2025 14:15:29

A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in SDL_render_gles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not aff...

7.8

CVE-2022-3715

Exploit
  • EPSS 0.05%
  • Published 05.01.2023 15:15:10
  • Last modified 10.04.2025 15:15:50

A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.

7.1

CVE-2022-3775

  • EPSS 0.07%
  • Published 19.12.2022 20:15:11
  • Last modified 21.11.2024 07:20:13

When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write int...