VYPR

Enterprise Linux Server

by Red Hat

CVEs (1,623)

  • CVE-2023-40546MedJan 29, 2024
    risk 0.40cvss 6.2epss 0.00

    A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it,…

  • CVE-2022-4900MedNov 2, 2023
    risk 0.40cvss 6.2epss 0.00

    A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.

  • CVE-2023-39193MedOct 9, 2023
    risk 0.40cvss 6.1epss 0.00

    A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.

  • CVE-2023-3428MedOct 4, 2023
    risk 0.40cvss 6.2epss 0.00

    A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service.

  • CVE-2023-32627MedJul 10, 2023
    risk 0.40cvss 6.2epss 0.00

    A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service.

  • CVE-2023-26590MedJul 10, 2023
    risk 0.40cvss 6.2epss 0.00

    A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service.

  • CVE-2017-5069MedOct 27, 2017
    risk 0.40cvss 6.1epss 0.01

    Incorrect MIME type of XSS-Protection reports in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to circumvent Cross-Origin Resource Sharing checks via a crafted HTML page.

  • CVE-2017-10356MedOct 19, 2017
    risk 0.40cvss 6.2epss 0.01

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows…

  • CVE-2017-5045MedApr 24, 2017
    risk 0.40cvss 6.1epss 0.01

    XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote attacker to brute force JavaScript variables via a crafted HTML page.

  • CVE-2016-1682MedJun 5, 2016
    risk 0.40cvss 6.1epss 0.01

    The ServiceWorkerContainer::registerServiceWorkerImpl function in WebKit/Source/modules/serviceworkers/ServiceWorkerContainer.cpp in Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via…

  • CVE-2016-3717MedMay 5, 2016
    risk 0.40cvss 5.5epss 0.20

    The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.

  • CVE-2016-0640MedApr 21, 2016
    risk 0.40cvss 6.1epss 0.01

    Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect integrity and availability via vectors related to DML.

  • CVE-2014-1530MedApr 30, 2014
    risk 0.40cvss 6.1epss 0.02

    The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks,…

  • CVE-2011-1776MedSep 6, 2011
    risk 0.40cvss 6.1epss 0.01

    The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allows physically proximate attackers to cause a denial of service (heap-based buffer…

  • CVE-2026-1933HigMay 27, 2026
    risk 0.39cvss 7.1epss 0.01

    A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB…

  • CVE-2026-42010HigMay 7, 2026
    risk 0.39cvss 7.1epss 0.01

    A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to…

  • CVE-2023-48795MedDec 18, 2023
    risk 0.39cvss 5.9epss 0.94

    The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently…

  • CVE-2023-5090MedNov 6, 2023
    risk 0.39cvss 6.0epss 0.00

    A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service condition.

  • CVE-2023-4273MedAug 9, 2023
    risk 0.39cvss 6.0epss 0.01

    A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a…

  • CVE-2023-4135MedAug 4, 2023
    risk 0.39cvss 6.0epss 0.00

    A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an…

Page 31 of 82