VYPR

Enterprise Linux Server

by Red Hat

CVEs (1,623)

  • CVE-2026-5745 | Med | Apr 7, 2026
    risk 0.36 | cvss 5.5 | epss 0.00

    A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archive_acl_from_text_nl() function. When processing a malformed ACL string (such as a bare "d" or "default" tag without subsequent fields), the…

  • CVE-2026-4948 | Med | Mar 27, 2026
    risk 0.36 | cvss 5.5 | epss 0.00

    A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper…

  • CVE-2026-0967 | Med | Mar 26, 2026
    risk 0.36 | cvss 5.5 | epss 0.00

    A flaw was found in libssh. A remote attacker, by controlling client configuration files or known_hosts files, could craft specific hostnames that when processed by the `match_pattern()` function can lead to inefficient regular expression backtracking. This can cause timeouts…

  • CVE-2026-4897 | Med | Mar 26, 2026
    risk 0.36 | cvss 5.5 | epss 0.00

    A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the `polkit-agent-helper-1` setuid binary via standard input (stdin). This unbounded input can lead to an out-of-memory (OOM) condition, resulting in a Denial of…

  • CVE-2023-5992 | Med | Jan 31, 2024
    risk 0.36 | cvss 5.6 | epss 0.01

    A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data.

  • CVE-2023-40550 | Med | Jan 29, 2024
    risk 0.36 | cvss 5.5 | epss 0.00

    An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.

  • CVE-2023-6679 | Med | Dec 11, 2023
    risk 0.36 | cvss 5.5 | epss 0.00

    A null pointer dereference vulnerability was found in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c in the Digital Phase Locked Loop (DPLL) subsystem in the Linux kernel. This issue could be exploited to trigger a denial of service.

  • CVE-2023-6560 | Med | Dec 9, 2023
    risk 0.36 | cvss 5.5 | epss 0.00

    An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system.

  • CVE-2023-42754 | Med | Oct 5, 2023
    risk 0.36 | cvss 5.5 | epss 0.00

    A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with…

  • CVE-2023-3576 | Med | Oct 4, 2023
    risk 0.36 | cvss 5.5 | epss 0.00

    A memory leak flaw was found in Libtiff's tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to pass a crafted TIFF image file to the tiffcrop utility, which causes this memory leak issue, resulting in an application crash, eventually…

  • CVE-2023-32665 | Med | Sep 14, 2023
    risk 0.36 | cvss 5.5 | epss 0.00

    A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.

  • CVE-2023-32611 | Med | Sep 14, 2023
    risk 0.36 | cvss 5.5 | epss 0.00

    A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service.

  • CVE-2023-29499 | Med | Sep 14, 2023
    risk 0.36 | cvss 5.5 | epss 0.01

    A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service.

  • CVE-2023-4569 | Med | Aug 28, 2023
    risk 0.36 | cvss 5.5 | epss 0.00

    A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak.

  • CVE-2023-4042 | Med | Aug 23, 2023
    risk 0.36 | cvss 5.5 | epss 0.00

    A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8.

  • CVE-2023-4194 | Med | Aug 7, 2023
    risk 0.36 | cvss 5.5 | epss 0.00

    A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following…

  • CVE-2023-4133 | Med | Aug 3, 2023
    risk 0.36 | cvss 5.5 | epss 0.00

    A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of…

  • CVE-2023-4132 | Med | Aug 3, 2023
    risk 0.36 | cvss 5.5 | epss 0.00

    A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition.

  • CVE-2023-38560 | Med | Aug 1, 2023
    risk 0.36 | cvss 5.5 | epss 0.00

    An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_name in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format.

  • CVE-2023-38559 | Med | Aug 1, 2023
    risk 0.36 | cvss 5.5 | epss 0.00

    A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.
