Filtered by vendor Redhat Subscriptions
Filtered by product Enterprise Linux Eus Subscriptions
Total 785 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-5870 2 Postgresql, Redhat 22 Postgresql, Advanced Cluster Security, Codeready Linux Builder Eus and 19 more 2025-08-06 2.2 Low
A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.
CVE-2024-9676 1 Redhat 20 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux For Arm 64 and 17 more 2025-08-06 6.5 Medium
A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host.
CVE-2024-0229 3 Fedoraproject, Redhat, X.org 13 Fedora, Enterprise Linux, Enterprise Linux Aus and 10 more 2025-08-04 7.8 High
An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.
CVE-2023-6478 4 Debian, Redhat, Tigervnc and 1 more 11 Debian Linux, Enterprise Linux, Enterprise Linux Eus and 8 more 2025-08-04 7.6 High
A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information.
CVE-2023-6606 2 Linux, Redhat 8 Linux Kernel, Enterprise Linux, Enterprise Linux Eus and 5 more 2025-08-04 7.1 High
An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.
CVE-2023-6536 3 Debian, Linux, Redhat 20 Debian Linux, Linux Kernel, Codeready Linux Builder Eus and 17 more 2025-08-04 6.5 Medium
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.
CVE-2023-6535 2 Linux, Redhat 19 Linux Kernel, Codeready Linux Builder Eus, Codeready Linux Builder Eus For Power Little Endian Eus and 16 more 2025-08-04 6.5 Medium
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.
CVE-2023-6356 3 Debian, Linux, Redhat 20 Debian Linux, Linux Kernel, Codeready Linux Builder Eus and 17 more 2025-08-04 6.5 Medium
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service.
CVE-2023-5868 2 Postgresql, Redhat 22 Postgresql, Advanced Cluster Security, Codeready Linux Builder Eus and 19 more 2025-08-04 4.3 Medium
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory.
CVE-2023-47038 3 Fedoraproject, Perl, Redhat 5 Fedora, Perl, Enterprise Linux and 2 more 2025-08-03 7 High
A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.
CVE-2023-5455 3 Fedoraproject, Freeipa, Redhat 25 Fedora, Freeipa, Codeready Linux Builder and 22 more 2025-08-03 6.5 Medium
A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie representing already logged-in user. An attacker would always have to go through a new authentication attempt.
CVE-2024-1062 2 Fedoraproject, Redhat 16 Fedora, 389 Directory Server, Directory Server and 13 more 2025-08-03 5.5 Medium
A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.
CVE-2024-3183 1 Redhat 9 Enterprise Linux, Enterprise Linux Aus, Enterprise Linux Eus and 6 more 2025-08-01 8.1 High
A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user principals, this key is a hash of a public per-principal randomly-generated salt and the user’s password. If a principal is compromised it means the attacker would be able to retrieve tickets encrypted to any principal, all of them being encrypted by their own key directly. By taking these tickets and salts offline, the attacker could run brute force attacks to find character strings able to decrypt tickets when combined to a principal salt (i.e. find the principal’s password).
CVE-2024-2698 2 Freeipa, Redhat 4 Freeipa, Enterprise Linux, Enterprise Linux Eus and 1 more 2025-08-01 8.8 High
A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos was missing a condition for granting the "forwardable" flag on S4U2Self tickets. Fixing this mistake required adding a special case for the check_allowed_to_delegate() function: If the target service argument is NULL, then it means the KDC is probing for general constrained delegation rules and not checking a specific S4U2Proxy request. In FreeIPA 4.11.0, the behavior of ipadb_match_acl() was modified to match the changes from upstream MIT Kerberos 1.20. However, a mistake resulting in this mechanism applies in cases where the target service argument is set AND where it is unset. This results in S4U2Proxy requests being accepted regardless of whether or not there is a matching service delegation rule.
CVE-2023-46848 2 Redhat, Squid-cache 6 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux Server Aus and 3 more 2025-08-01 8.6 High
Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.
CVE-2023-46847 2 Redhat, Squid-cache 15 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux For Arm 64 and 12 more 2025-08-01 8.6 High
Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.
CVE-2024-1488 2 Fedoraproject, Redhat 23 Unbound, Codeready Linux Builder, Codeready Linux Builder Eus and 20 more 2025-08-01 8 High
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether.
CVE-2023-46846 2 Redhat, Squid-cache 13 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux For Arm 64 and 10 more 2025-08-01 9.3 Critical
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.
CVE-2023-5157 3 Fedoraproject, Mariadb, Redhat 17 Fedora, Mariadb, Enterprise Linux and 14 more 2025-08-01 7.5 High
A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service.
CVE-2024-3049 2 Clusterlabs, Redhat 11 Booth, Enterprise Linux, Enterprise Linux Eus and 8 more 2025-08-01 5.9 Medium
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.