Filtered by vendor Redhat
Subscriptions
Total
20646 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-28120 | 1 Redhat | 1 Logging | 2023-03-15 | 6.1 Medium |
| A Cross-Site-Scripting vulnerability was found in rubygem ActiveSupport. If the new bytesplice method is called on a SafeBuffer with untrusted user input, malicious code could be executed. | ||||
| CVE-2022-31631 | 1 Redhat | 1 Enterprise Linux | 2023-01-05 | 5.9 Medium |
| A flaw was found in PHP. This issue occurs due to an uncaught integer overflow in PDO::quote() of PDO_SQLite returning an improperly quoted string. With the implementation of sqlite3_snprintf(), it is possible to force the function to return a single apostrophe if the function is called on user-supplied input without any length restrictions in place. | ||||
| CVE-2022-21505 | 1 Redhat | 1 Enterprise Linux | 2022-07-19 | 6.7 Medium |
| An authentication bypass flaw was found in the Linux kernel’s IMA policy when a user performs lockdown. This flaw allows a local user to crash or potentially escalate their privileges on the system. | ||||
| CVE-2022-28693 | 1 Redhat | 4 Enterprise Linux, Rhel Eus, Rhel Extras Rt and 1 more | 2022-07-13 | 4.7 Medium |
| A flaw was found in hw. The unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to enable information disclosure via local access. | ||||
| CVE-2021-25635 | 1 Redhat | 1 Enterprise Linux | 2021-10-11 | 6.3 Medium |
| A flaw was found in LibreOffice, where it improperly validated signatures for algorithms that were not verified. This flaw leads to LibreOffice presenting a valid signature when the validity of the signature was not verified. The highest threat from this vulnerability is to confidentiality and integrity. | ||||
| CVE-2019-15690 | 1 Redhat | 2 Enterprise Linux, Rhel E4s | 2019-12-20 | 9.8 Critical |
| A flaw was found in libvncserver. An integer overflow within the HandleCursorShape() function can be exploited to cause a heap-based buffer overflow by tricking a user or application using libvncserver to connect to an unstrusted server and subsequently send cursor shapes with specially crafted dimensions. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | ||||