VYPR

Enterprise Linux Server

by Red Hat

CVEs (1,623)

  • CVE-2026-3234Mar 12, 2026
    risk 0.00cvss epss 0.00

    A flaw was found in mod_proxy_cluster. This vulnerability, a Carriage Return Line Feed (CRLF) injection in the decodeenc() function, allows a remote attacker to bypass input validation. By injecting CRLF sequences into the cluster configuration, an attacker can corrupt the…

  • CVE-2026-26104Feb 25, 2026
    risk 0.00cvss epss 0.00

    A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As…

  • CVE-2026-26103Feb 25, 2026
    risk 0.00cvss epss 0.00

    A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption…

  • CVE-2026-2443Feb 13, 2026
    risk 0.00cvss epss 0.00

    A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems. When processing specially crafted HTTP Range headers, the library may improperly validate requested byte ranges. In certain build configurations, this could allow a remote attacker to access…

  • CVE-2026-1709Feb 6, 2026
    risk 0.00cvss epss 0.06

    A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations,…

  • CVE-2026-1801Feb 3, 2026
    risk 0.00cvss epss 0.00

    A flaw was found in libsoup, an HTTP client/server library. This HTTP Request Smuggling vulnerability arises from non-RFC-compliant parsing in the soup_filter_input_stream_read_line() logic, where libsoup accepts malformed chunk headers, such as lone line feed (LF) characters…

  • CVE-2026-1536Jan 28, 2026
    risk 0.00cvss epss 0.00

    A flaw was found in libsoup. An attacker who can control the input for the Content-Disposition header can inject CRLF (Carriage Return Line Feed) sequences into the header value. These sequences are then interpreted verbatim when the HTTP request or response is constructed,…

  • CVE-2026-1467Jan 27, 2026
    risk 0.00cvss epss 0.00

    A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF (Carriage Return Line Feed) Injection, occurs when an HTTP proxy is configured and the library improperly handles URL-decoded input used to create the Host header. A remote attacker can…

  • CVE-2023-7250Mar 18, 2024
    risk 0.00cvss epss 0.01

    A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting for the remainder or…

  • CVE-2024-1013Mar 18, 2024
    risk 0.00cvss epss 0.00

    An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken.

  • CVE-2023-6917Feb 28, 2024
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted…

  • CVE-2023-3966Feb 22, 2024
    risk 0.00cvss epss 0.01

    A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled.

  • CVE-2023-6681Feb 12, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service (DoS) attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a…

  • CVE-2024-1151Feb 11, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack…

  • CVE-2024-1312Feb 8, 2024
    risk 0.00cvss epss 0.00

    A use-after-free flaw was found in the Linux kernel's Memory Management subsystem when a user wins two races at the same time with a fail in the mas_prev_slot function. This issue could allow a local user to crash the system.

  • CVE-2023-6536Feb 7, 2024
    risk 0.00cvss epss 0.02

    A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial…

  • CVE-2023-6535Feb 7, 2024
    risk 0.00cvss epss 0.02

    A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial…

  • CVE-2023-6356Feb 7, 2024
    risk 0.00cvss epss 0.01

    A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a…

  • CVE-2023-6200HigJan 28, 2024
    risk 0.00cvss 7.5epss 0.02

    A race condition was found in the Linux Kernel. Under certain conditions, an unauthenticated attacker from an adjacent network could send an ICMPv6 router advertisement packet, causing arbitrary code execution.

  • CVE-2023-6915MedJan 15, 2024
    risk 0.00cvss 6.2epss 0.00

    A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing check at a function return.

Page 52 of 82