VYPR

Enterprise Linux Server

by Red Hat

CVEs (1,624)

  • CVE-2017-14494MedOct 3, 2017
    risk 0.47cvss 5.9epss 0.68

    dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.

  • CVE-2017-0901HigAug 31, 2017
    risk 0.47cvss 7.5epss 0.29

    RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem.

  • CVE-2026-35091HigApr 1, 2026
    risk 0.46cvss 8.2epss 0.01

    A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol (UDP) packet. This can lead to an out-of-bounds read, causing…

  • CVE-2023-6531HigJan 21, 2024
    risk 0.46cvss 7.0epss 0.00

    A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on.

  • CVE-2023-6270HigJan 4, 2024
    risk 0.46cvss 7.0epss 0.00

    A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq`…

  • CVE-2023-51767HigDec 24, 2023
    risk 0.46cvss 7.0epss 0.01

    OpenSSH through 10.0, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of…

  • CVE-2023-6610HigDec 8, 2023
    risk 0.46cvss 7.1epss 0.00

    An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.

  • CVE-2023-6606HigDec 8, 2023
    risk 0.46cvss 7.1epss 0.01

    An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.

  • CVE-2023-1194HigNov 3, 2023
    risk 0.46cvss 7.1epss 0.01

    An out-of-bounds (OOB) memory read flaw was found in parse_lease_state in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command with a malformed payload to KSMBD, due to a missing check of `NameOffset` in…

  • CVE-2023-3397HigNov 1, 2023
    risk 0.46cvss 7.0epss 0.00

    A race condition occurred between the functions lmLogClose and txEnd in JFS, in the Linux Kernel, executed in different threads. This flaw allows a local attacker with normal user privileges to crash the system or leak internal kernel information.

  • CVE-2023-5574HigOct 25, 2023
    risk 0.46cvss 7.0epss 0.01

    A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode). If the pointer is warped from a screen 1 to a screen 0, a…

  • CVE-2023-5366HigOct 6, 2023
    risk 0.46cvss 7.1epss 0.00

    A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect…

  • CVE-2023-42753HigSep 25, 2023
    risk 0.46cvss 7.0epss 0.01

    An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This…

  • CVE-2023-4611HigAug 29, 2023
    risk 0.46cvss 7.0epss 0.00

    A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak.

  • CVE-2023-4389HigAug 16, 2023
    risk 0.46cvss 7.0epss 0.00

    A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io.c in the btrfs filesystem in the Linux Kernel due to a double decrement of the reference count. This issue may allow a local attacker with user privilege to crash the system or may lead to leaked internal kernel…

  • CVE-2023-3640HigJul 24, 2023
    risk 0.46cvss 7.0epss 0.01

    A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. Based on the previous CVE-2023-0597, the 'Randomize per-cpu entry area'…

  • CVE-2023-3567HigJul 24, 2023
    risk 0.46cvss 7.1epss 0.00

    A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.

  • CVE-2023-1652HigMar 29, 2023
    risk 0.46cvss 7.1epss 0.00

    A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem.

  • CVE-2022-3775HigDec 19, 2022
    risk 0.46cvss 7.1epss 0.01

    When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to…

  • CVE-2020-27792HigAug 19, 2022
    risk 0.46cvss 7.1epss 0.00

    A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a…

Page 23 of 82