Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

redhat enterprise linux tus 8.2 vulnerabilities and exploits

(subscribe to this query)
6.5
CVSSv3
CVE-2023-5455
A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an malicious user to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and syst...
Freeipa FreeipaFreeipa Freeipa 4.11.0Fedoraproject Fedora 38Fedoraproject Fedora 39Fedoraproject Fedora 40Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Workstation 7.0Redhat Enterprise Linux For Scientific Computing 7.0Redhat Enterprise Linux 7.0Redhat Enterprise Linux For Power Little Endian 7.0Redhat Enterprise Linux For Power Big Endian 7.0Redhat Enterprise Linux For Ibm Z Systems 7.0Redhat Enterprise Linux 8.0Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Tus 8.4Redhat Enterprise Linux Server Aus 8.4Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2Redhat Enterprise Linux For Power Little Endian 8.0Redhat Enterprise Linux For Ibm Z Systems 8.0Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.2Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.4
4.3
CVSSv3
CVE-2023-5868
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type de...
Postgresql Postgresql 16.0Postgresql PostgresqlRedhat Software Collections 1.0Redhat Enterprise Linux 8.0Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Tus 8.4Redhat Enterprise Linux Server Aus 8.4Redhat Enterprise Linux Server Aus 8.6Redhat Enterprise Linux Server Tus 8.6Redhat Enterprise Linux Eus 8.6Redhat Enterprise Linux 9.0Redhat Enterprise Linux Eus 9.0Redhat Enterprise Linux Eus 8.8Redhat Enterprise Linux Server Aus 9.2Redhat Enterprise Linux Eus 9.2Redhat Enterprise Linux For Arm 64 8.0Redhat Enterprise Linux For Power Little Endian Eus 9.2 Ppc64leRedhat Codeready Linux Builder For Arm64 Eus 9.2 Aarch64Redhat Codeready Linux Builder For Ibm Z Systems Eus 9.2 S390xRedhat Codeready Linux Builder Eus For Power Little Endian Eus 9.2 Ppc64leRedhat Codeready Linux Builder Eus 9.2
8.8
CVSSv3
CVE-2023-5869
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overfl...
Postgresql Postgresql 16.0Postgresql PostgresqlRedhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Workstation 7.0Redhat Enterprise Linux For Scientific Computing 7.0Redhat Enterprise Linux Server 7.0Redhat Software Collections 1.0Redhat Enterprise Linux 8.0Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Tus 8.4Redhat Enterprise Linux Server Aus 8.4Redhat Enterprise Linux Server Aus 8.6Redhat Enterprise Linux Server Tus 8.6Redhat Enterprise Linux Eus 8.6Redhat Enterprise Linux 9.0Redhat Enterprise Linux Eus 9.0Redhat Enterprise Linux Eus 8.8Redhat Enterprise Linux Server Aus 9.2Redhat Enterprise Linux Eus 9.2Redhat Enterprise Linux For Arm 64 8.0Redhat Enterprise Linux For Power Little Endian Eus 9.2 Ppc64le
4.4
CVSSv3
CVE-2023-5870
A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background...
Postgresql Postgresql 16.0Postgresql PostgresqlRedhat Software Collections 1.0Redhat Enterprise Linux 8.0Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Tus 8.4Redhat Enterprise Linux Server Aus 8.4Redhat Enterprise Linux Server Aus 8.6Redhat Enterprise Linux Server Tus 8.6Redhat Enterprise Linux Eus 8.6Redhat Enterprise Linux 9.0Redhat Enterprise Linux Eus 9.0Redhat Enterprise Linux Eus 8.8Redhat Enterprise Linux Server Aus 9.2Redhat Enterprise Linux Eus 9.2Redhat Enterprise Linux For Arm 64 8.0Redhat Enterprise Linux For Power Little Endian Eus 9.2 Ppc64leRedhat Codeready Linux Builder For Arm64 Eus 9.2 Aarch64Redhat Codeready Linux Builder For Ibm Z Systems Eus 9.2 S390xRedhat Codeready Linux Builder Eus For Power Little Endian Eus 9.2 Ppc64leRedhat Codeready Linux Builder Eus 9.2
5.3
CVSSv3
CVE-2023-46846
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote malicious user to perform Request/Response smuggling past firewall and frontend security systems.
Squid-cache SquidRedhat Enterprise Linux 8.0Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Tus 8.4Redhat Enterprise Linux Server Aus 8.4Redhat Enterprise Linux Server Aus 8.6Redhat Enterprise Linux Server Tus 8.6Redhat Enterprise Linux Eus 8.6Redhat Enterprise Linux 9.0Redhat Enterprise Linux Eus 9.0Redhat Enterprise Linux Server Tus 8.8Redhat Enterprise Linux Eus 8.8Redhat Enterprise Linux Server Aus 9.2Redhat Enterprise Linux Eus 9.2Redhat Enterprise Linux For Power Little Endian 8.0 Ppc64leRedhat Enterprise Linux For Ibm Z Systems 8.0 S390xRedhat Enterprise Linux For Arm 64 8.0 Aarch64Redhat Enterprise Linux Server Tus 9.2
7.5
CVSSv3
CVE-2023-46847
Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.
Squid-cache SquidRedhat Enterprise Linux Workstation 7.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux 8.0Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Tus 8.4Redhat Enterprise Linux Server Aus 8.4Redhat Enterprise Linux Server Aus 8.6Redhat Enterprise Linux Server Tus 8.6Redhat Enterprise Linux Eus 8.6Redhat Enterprise Linux 9.0Redhat Enterprise Linux Eus 9.0Redhat Enterprise Linux Server Tus 8.8Redhat Enterprise Linux Eus 8.8Redhat Enterprise Linux Server Aus 9.2Redhat Enterprise Linux Eus 9.2Redhat Enterprise Linux For Power Little Endian 8.0 Ppc64leRedhat Enterprise Linux For Ibm Z Systems 8.0 S390xRedhat Enterprise Linux For Arm 64 8.0 Aarch64Redhat Enterprise Linux Server Tus 9.2
7.8
CVSSv3
CVE-2023-3972
A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unp...
Redhat Insights-clientRedhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux For Scientific Computing 7.0Redhat Enterprise Linux 7.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux For Power Little Endian 7.0Redhat Enterprise Linux For Power Big Endian 7.0Redhat Enterprise Linux For Ibm Z Systems 7.0Redhat Enterprise Linux 8.0Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Tus 8.4Redhat Enterprise Linux Server Aus 8.4Redhat Enterprise Linux For Power Little Endian 8.0Redhat Enterprise Linux For Ibm Z Systems 8.0Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.1Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.2Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.4Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.6Redhat Enterprise Linux For Ibm Z Systems Eus 8.6Redhat Enterprise Linux Server Tus 8.6Redhat Enterprise Linux Eus 8.6
7.8
CVSSv3
CVE-2023-3899
A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.re...
Redhat Subscription-managerFedoraproject Fedora 37Fedoraproject Fedora 38Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Workstation 7.0Redhat Enterprise Linux For Scientific Computing 7.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux For Power Little Endian 7.0Redhat Enterprise Linux For Power Big Endian 7.0Redhat Enterprise Linux For Ibm Z Systems 7.0Redhat Enterprise Linux 8.0Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Tus 8.4Redhat Enterprise Linux Server Aus 8.4Redhat Enterprise Linux For Power Little Endian 8.0Redhat Enterprise Linux For Ibm Z Systems 8.0Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.1Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.2Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.4Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.6Redhat Enterprise Linux For Ibm Z Systems Eus 8.6
7.8
CVSSv3
CVE-2023-0494
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where th...
X.org X ServerFedoraproject Fedora 36Fedoraproject Fedora 37Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux For Scientific Computing 7.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux For Power Little Endian 7.0Redhat Enterprise Linux For Power Big Endian 7.0Redhat Enterprise Linux For Ibm Z Systems 7.0Redhat Enterprise Linux 8.0Redhat Enterprise Linux 8.1Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Workstation 7.0Redhat Enterprise Linux Aus 8.4Redhat Enterprise Linux Server Tus 8.4Redhat Enterprise Linux Eus 8.4Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2Redhat Enterprise Linux For Power Little Endian 8.0Redhat Enterprise Linux For Ibm Z Systems Eus 8.4Redhat Enterprise Linux For Ibm Z Systems 8.0Redhat Enterprise Linux For Power Little Endian Eus 8.4
8.8
CVSSv3
CVE-2022-4254
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
Fedoraproject SssdRedhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Workstation 7.0Redhat Enterprise Linux For Scientific Computing 7.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux For Power Little Endian 7.0Redhat Enterprise Linux For Power Big Endian 7.0Redhat Enterprise Linux For Ibm Z Systems 7.0Redhat Enterprise Linux 8.0Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Update Services For Sap Solutions 8.1Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.1Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionfirmwareCVE-2006-4304CVE-2024-32878CVE-2024-31502XSSCVE-2024-3059CVE-2024-33692CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook