Redhat

Enterprise Linux

1857 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 2.62%
  • Veröffentlicht 23.11.2021 19:15:07
  • Zuletzt bearbeitet 21.11.2024 06:22:07

A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulner...

  • EPSS 1.03%
  • Veröffentlicht 22.11.2021 16:15:07
  • Zuletzt bearbeitet 03.11.2025 20:15:50

When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate verification and encryption. This flaw affects PgBounc...

Exploit
  • EPSS 0.67%
  • Veröffentlicht 04.11.2021 19:15:07
  • Zuletzt bearbeitet 21.11.2024 06:29:08

An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.

  • EPSS 0.89%
  • Veröffentlicht 19.10.2021 15:15:08
  • Zuletzt bearbeitet 21.11.2024 06:22:19

A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers. The vulnerability is triggered by specially-crafted TPM2 command packets that then trigger the issue when the state of the TPM2's volatile state is wr...

  • EPSS 1.7%
  • Veröffentlicht 04.10.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 06:07:30

Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions o...

Exploit
  • EPSS 0.41%
  • Veröffentlicht 29.09.2021 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:22:04

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the ...

Warnung
  • EPSS 100%
  • Veröffentlicht 16.09.2021 15:15:07
  • Zuletzt bearbeitet 27.10.2025 17:37:06

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.

  • EPSS 0.42%
  • Veröffentlicht 07.09.2021 15:15:07
  • Zuletzt bearbeitet 02.12.2025 22:16:05

A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22.

  • EPSS 0.42%
  • Veröffentlicht 07.09.2021 14:15:11
  • Zuletzt bearbeitet 03.12.2025 15:15:49

In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out...

  • EPSS 4.68%
  • Veröffentlicht 31.08.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:22:02

A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secret_hash and the other session_id. Initially, both of them are the same, but a...