Filtered by vendor Redhat Subscriptions
Filtered by product Enterprise Linux Server Aus Subscriptions
Total 1057 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-4527 4 Fedoraproject, Gnu, Netapp and 1 more 32 Fedora, Glibc, H300s and 29 more 2025-08-21 6.5 Medium
A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.
CVE-2023-4911 6 Canonical, Debian, Fedoraproject and 3 more 40 Ubuntu Linux, Debian Linux, Fedora and 37 more 2025-08-21 7.8 High
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
CVE-2023-4813 4 Fedoraproject, Gnu, Netapp and 1 more 23 Fedora, Glibc, Active Iq Unified Manager and 20 more 2025-08-18 5.9 Medium
A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.
CVE-2023-4806 3 Fedoraproject, Gnu, Redhat 24 Fedora, Glibc, Codeready Linux Builder Eus and 21 more 2025-08-18 5.9 Medium
A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.
CVE-2025-3155 3 Debian, Gnome, Redhat 25 Debian Linux, Yelp, Codeready Linux Builder and 22 more 2025-08-13 7.4 High
A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.
CVE-2024-12088 8 Almalinux, Archlinux, Gentoo and 5 more 21 Almalinux, Arch Linux, Linux and 18 more 2025-08-13 6.5 Medium
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.
CVE-2024-12087 8 Almalinux, Archlinux, Gentoo and 5 more 20 Almalinux, Arch Linux, Linux and 17 more 2025-08-13 6.5 Medium
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.
CVE-2024-12085 8 Almalinux, Archlinux, Gentoo and 5 more 28 Almalinux, Arch Linux, Linux and 25 more 2025-08-13 7.5 High
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.
CVE-2016-9401 3 Debian, Gnu, Redhat 9 Debian Linux, Bash, Enterprise Linux and 6 more 2025-08-07 6.2 Medium
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.
CVE-2023-5870 2 Postgresql, Redhat 22 Postgresql, Advanced Cluster Security, Codeready Linux Builder Eus and 19 more 2025-08-06 2.2 Low
A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.
CVE-2024-9676 1 Redhat 20 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux For Arm 64 and 17 more 2025-08-06 6.5 Medium
A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host.
CVE-2023-6606 2 Linux, Redhat 8 Linux Kernel, Enterprise Linux, Enterprise Linux Eus and 5 more 2025-08-04 7.1 High
An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.
CVE-2023-6536 3 Debian, Linux, Redhat 20 Debian Linux, Linux Kernel, Codeready Linux Builder Eus and 17 more 2025-08-04 6.5 Medium
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.
CVE-2023-6535 2 Linux, Redhat 19 Linux Kernel, Codeready Linux Builder Eus, Codeready Linux Builder Eus For Power Little Endian Eus and 16 more 2025-08-04 6.5 Medium
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.
CVE-2023-6356 3 Debian, Linux, Redhat 20 Debian Linux, Linux Kernel, Codeready Linux Builder Eus and 17 more 2025-08-04 6.5 Medium
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service.
CVE-2023-5868 2 Postgresql, Redhat 22 Postgresql, Advanced Cluster Security, Codeready Linux Builder Eus and 19 more 2025-08-04 4.3 Medium
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory.
CVE-2023-5455 3 Fedoraproject, Freeipa, Redhat 25 Fedora, Freeipa, Codeready Linux Builder and 22 more 2025-08-03 6.5 Medium
A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie representing already logged-in user. An attacker would always have to go through a new authentication attempt.
CVE-2024-1062 2 Fedoraproject, Redhat 16 Fedora, 389 Directory Server, Directory Server and 13 more 2025-08-03 5.5 Medium
A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.
CVE-2023-46848 2 Redhat, Squid-cache 6 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux Server Aus and 3 more 2025-08-01 8.6 High
Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.
CVE-2023-46847 2 Redhat, Squid-cache 15 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux For Arm 64 and 12 more 2025-08-01 8.6 High
Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.