Filtered by vendor Redhat Subscriptions
Filtered by product Enterprise Linux For Ibm Z Systems Subscriptions
Total 90 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-6681 3 Fedoraproject, Latchset, Redhat 7 Fedora, Jwcrypto, Ansible Automation Platform and 4 more 2024-11-12 5.3 Medium
A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service (DoS) attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a denial of service attack.
CVE-2024-1062 2 Fedoraproject, Redhat 15 Fedora, 389 Directory Server, Directory Server and 12 more 2024-11-06 5.5 Medium
A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.
CVE-2023-46847 2 Redhat, Squid-cache 15 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux For Arm 64 and 12 more 2024-11-06 8.6 High
Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.
CVE-2023-46846 2 Redhat, Squid-cache 12 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux For Arm 64 and 9 more 2024-11-06 9.3 Critical
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.
CVE-2023-42669 2 Redhat, Samba 10 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux For Ibm Z Systems and 7 more 2024-11-06 6.5 Medium
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in the main RPC task, allowing calls to the "rpcecho" server to be blocked for a specified time, causing service disruptions. This disruption is triggered by a "sleep()" call in the "dcesrv_echo_TestSleep()" function under specific conditions. Authenticated users or attackers can exploit this vulnerability to make calls to the "rpcecho" server, requesting it to block for a specified duration, effectively disrupting most services and leading to a complete denial of service on the AD DC. The DoS affects all other services as "rpcecho" runs in the main RPC task.
CVE-2021-4034 7 Canonical, Oracle, Polkit Project and 4 more 37 Ubuntu Linux, Http Server, Zfs Storage Appliance Kit and 34 more 2024-11-05 7.8 High
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
CVE-2023-5870 2 Postgresql, Redhat 22 Postgresql, Advanced Cluster Security, Codeready Linux Builder Eus and 19 more 2024-10-29 2.2 Low
A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.
CVE-2016-2818 6 Canonical, Debian, Mozilla and 3 more 22 Ubuntu Linux, Debian Linux, Firefox and 19 more 2024-10-22 N/A
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2019-7317 11 Canonical, Debian, Hp and 8 more 35 Ubuntu Linux, Debian Linux, Xp7 Command View and 32 more 2024-10-21 5.3 Medium
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
CVE-2013-1675 5 Canonical, Debian, Mozilla and 2 more 20 Ubuntu Linux, Debian Linux, Firefox and 17 more 2024-10-21 6.5 Medium
Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.
CVE-2021-3672 6 C-ares Project, Fedoraproject, Nodejs and 3 more 19 C-ares, Fedora, Node.js and 16 more 2024-10-15 5.6 Medium
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.
CVE-2023-5992 2 Opensc Project, Redhat 11 Opensc, Enterprise Linux, Enterprise Linux Eus and 8 more 2024-10-09 5.6 Medium
A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data.
CVE-2023-5633 2 Linux, Redhat 23 Linux Kernel, Codeready Linux Builder, Codeready Linux Builder Eus and 20 more 2024-10-09 7.8 High
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.
CVE-2024-3049 2 Clusterlabs, Redhat 11 Booth, Enterprise Linux, Enterprise Linux Eus and 8 more 2024-09-24 5.9 Medium
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.
CVE-2017-12615 4 Apache, Microsoft, Netapp and 1 more 24 Tomcat, Windows, 7-mode Transition Tool and 21 more 2024-09-17 8.1 High
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
CVE-2017-12617 6 Apache, Canonical, Debian and 3 more 60 Tomcat, Ubuntu Linux, Debian Linux and 57 more 2024-09-16 8.1 High
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
CVE-2019-11043 6 Canonical, Debian, Fedoraproject and 3 more 26 Ubuntu Linux, Debian Linux, Fedora and 23 more 2024-09-16 8.7 High
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
CVE-2021-44142 6 Canonical, Debian, Fedoraproject and 3 more 28 Ubuntu Linux, Debian Linux, Fedora and 25 more 2024-09-16 8.8 High
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root.
CVE-2024-0409 4 Fedoraproject, Redhat, Tigervnc and 1 more 12 Fedora, Enterprise Linux, Enterprise Linux Desktop and 9 more 2024-09-16 7.8 High
A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.
CVE-2024-0408 4 Fedoraproject, Redhat, Tigervnc and 1 more 12 Fedora, Enterprise Linux, Enterprise Linux Desktop and 9 more 2024-09-16 5.5 Medium
A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL.