Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Total 5530 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-19076 3 Canonical, Linux, Redhat 3 Ubuntu Linux, Linux Kernel, Enterprise Linux 2024-03-21 7.1 HIGH 5.9 MEDIUM
A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consumption), aka CID-78beef629fd9. NOTE: This has been argued as not a valid vulnerability. The upstream commit 78beef629fd9 was reverted
CVE-2019-16229 3 Canonical, Linux, Redhat 3 Ubuntu Linux, Linux Kernel, Enterprise Linux 2024-03-21 4.7 MEDIUM 4.1 MEDIUM
drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: The security community disputes this issues as not being serious enough to be deserving a CVE id
CVE-2019-10143 3 Fedoraproject, Freeradius, Redhat 3 Fedora, Freeradius, Enterprise Linux 2024-03-21 6.9 MEDIUM 7.0 HIGH
It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a radiusd-writable file to a directory normally inaccessible by the radiusd user. NOTE: the upstream software maintainer has stated "there is simply no way for anyone to gain privileges through this alleged issue."
CVE-2018-10683 1 Redhat 1 Wildfly 2024-03-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered in WildFly 10.1.2.Final. In the case of a default installation without a security realm reference, an attacker can successfully access the server without authentication. NOTE: the Security Realms documentation in the product's Admin Guide indicates that "without a security realm reference" implies "effectively unsecured." The vendor explicitly supports these unsecured configurations because they have valid use cases during development
CVE-2015-2877 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-03-21 2.1 LOW 3.3 LOW
Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAIN) attack. NOTE: the vendor states "Basically if you care about this attack vector, disable deduplication." Share-until-written approaches for memory conservation among mutually untrusting tenants are inherently detectable for information disclosure, and can be classified as potentially misunderstood behaviors rather than vulnerabilities
CVE-2013-3734 1 Redhat 1 Jboss Application Server 2024-03-21 6.0 MEDIUM 6.6 MEDIUM
The Embedded Jopr component in JBoss Application Server includes the cleartext datasource password in unspecified HTML responses, which might allow (1) man-in-the-middle attackers to obtain sensitive information by leveraging failure to use SSL or (2) attackers to obtain sensitive information by reading the HTML source code. NOTE: the vendor says that this does not cross a trust boundary and that it is recommended best-practice that SSL is configured for the administrative console
CVE-2013-2185 2 Apache, Redhat 3 Tomcat, Jboss Enterprise Application Platform, Jboss Enterprise Portal Platform 2024-03-21 7.5 HIGH N/A
The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186. NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue
CVE-2007-1865 1 Redhat 1 Enterprise Linux 2024-03-21 1.9 LOW N/A
The ipv6_getsockopt_sticky function in the kernel in Red Hat Enterprise Linux (RHEL) Beta 5.1.0 allows local users to obtain sensitive information (kernel memory contents) via a negative value of the len parameter. NOTE: this issue has been disputed in a bug comment, stating that "len is ignored when copying header info to the user's buffer.
CVE-2024-0914 2 Opencryptoki Project, Redhat 2 Opencryptoki, Enterprise Linux 2024-03-19 N/A 5.9 MEDIUM
A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key.
CVE-2024-0646 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-03-19 N/A 7.8 HIGH
An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVE-2023-7192 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-03-19 N/A 4.4 MEDIUM
A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow.
CVE-2023-6610 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-03-19 N/A 7.1 HIGH
An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.
CVE-2023-6606 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-03-19 N/A 7.1 HIGH
An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.
CVE-2023-5633 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-03-19 N/A 7.8 HIGH
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.
CVE-2023-33952 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Enterprise Linux For Real Time and 1 more 2024-03-19 N/A 6.7 MEDIUM
A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. This issue occurs due to the lack of validating the existence of an object prior to performing further free operations on the object, which may allow a local privileged user to escalate privileges and execute code in the context of the kernel.
CVE-2023-33951 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Enterprise Linux For Real Time and 1 more 2024-03-19 N/A 5.3 MEDIUM
A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context of the kernel.
CVE-2023-4459 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-03-19 N/A 5.5 MEDIUM
A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during cleanup.
CVE-2023-6710 2 Modcluster, Redhat 2 Mod Proxy Cluster, Enterprise Linux 2024-03-18 N/A 5.4 MEDIUM
A flaw was found in the mod_proxy_cluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting (XSS) vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host and adds the script to the cluster-manager page.
CVE-2024-0232 3 Fedoraproject, Redhat, Sqlite 4 Extra Packages For Enterprise Linux, Fedora, Enterprise Linux and 1 more 2024-03-15 N/A 5.5 MEDIUM
A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.
CVE-2016-2143 4 Debian, Linux, Oracle and 1 more 4 Debian Linux, Linux Kernel, Linux and 1 more 2024-03-14 6.9 MEDIUM 7.8 HIGH
The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h.