Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

redhat enterprise linux server update services for sap solutions 8.1 vulnerabilities and exploits

(subscribe to this query)
8.6
CVSSv3
CVE-2022-2601
A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bound...
Gnu Grub2Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2Redhat Enterprise Linux Server Update Services For Sap Solutions 8.1Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.1Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.2Fedoraproject Fedora 37Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 9.0Redhat Enterprise Linux For Power Little Endian Eus 9.0Redhat Enterprise Linux Eus 9.0Redhat Enterprise Linux Server Update Services For Sap Solutions 9.0
8.8
CVSSv3
CVE-2022-4254
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
Fedoraproject SssdRedhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Workstation 7.0Redhat Enterprise Linux For Scientific Computing 7.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux For Power Little Endian 7.0Redhat Enterprise Linux For Power Big Endian 7.0Redhat Enterprise Linux For Ibm Z Systems 7.0Redhat Enterprise Linux 8.0Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Update Services For Sap Solutions 8.1Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.1Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.2
4.4
CVSSv3
CVE-2019-15718
In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages. An unprivileged user can exploit this by e...
Systemd Project Systemd 240Fedoraproject Fedora 29Fedoraproject Fedora 30Fedoraproject Fedora 31Redhat Enterprise Linux 8.0Redhat Openshift Container Platform 4.1Redhat Enterprise Linux Eus 8.1Redhat Enterprise Linux Eus 8.2Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Tus 8.4Redhat Enterprise Linux Eus 8.4Redhat Enterprise Linux Server Aus 8.4Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4Redhat Enterprise Linux Server Update Services For Sap Solutions 8.1Redhat Enterprise Linux For Power Little Endian Eus 8.2Redhat Enterprise Linux For Ibm Z Systems Eus 8.2Redhat Enterprise Linux For Ibm Z Systems Eus 8.1Redhat Enterprise Linux For Power Little Endian Eus 8.1Redhat Enterprise Linux For Power Little Endian 8.0Redhat Enterprise Linux For Ibm Z Systems Eus 8.4
7.8
CVSSv3
CVE-2023-3899
A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.re...
Redhat Subscription-managerFedoraproject Fedora 37Fedoraproject Fedora 38Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Workstation 7.0Redhat Enterprise Linux For Scientific Computing 7.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux For Power Little Endian 7.0Redhat Enterprise Linux For Power Big Endian 7.0Redhat Enterprise Linux For Ibm Z Systems 7.0Redhat Enterprise Linux 8.0Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Tus 8.4Redhat Enterprise Linux Server Aus 8.4Redhat Enterprise Linux For Power Little Endian 8.0Redhat Enterprise Linux For Ibm Z Systems 8.0Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.1Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.2Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.4Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.6Redhat Enterprise Linux For Ibm Z Systems Eus 8.6
7.8
CVSSv3
CVE-2023-3972
A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unp...
Redhat Insights-clientRedhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux For Scientific Computing 7.0Redhat Enterprise Linux 7.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux For Power Little Endian 7.0Redhat Enterprise Linux For Power Big Endian 7.0Redhat Enterprise Linux For Ibm Z Systems 7.0Redhat Enterprise Linux 8.0Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Tus 8.4Redhat Enterprise Linux Server Aus 8.4Redhat Enterprise Linux For Power Little Endian 8.0Redhat Enterprise Linux For Ibm Z Systems 8.0Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.1Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.2Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.4Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.6Redhat Enterprise Linux For Ibm Z Systems Eus 8.6Redhat Enterprise Linux Server Tus 8.6Redhat Enterprise Linux Eus 8.6
5.5
CVSSv3
CVE-2019-6454
An issue exists in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafte...
Systemd Project Systemd 239Opensuse Leap 15.0Netapp Active Iq Performance Analytics Services -Debian Debian Linux 8.0Debian Debian Linux 9.0Fedoraproject Fedora 29Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 18.10Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Workstation 7.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux Server Tus 7.3Redhat Enterprise Linux Server Aus 7.3Redhat Enterprise Linux Server Aus 7.4Redhat Enterprise Linux Server Tus 7.4Redhat Enterprise Linux Eus 7.4Redhat Enterprise Linux Eus 7.5Redhat Enterprise Linux Server Tus 7.6Redhat Enterprise Linux Server Eus 7.6Redhat Enterprise Linux Server Aus 7.6Redhat Enterprise Linux 8.0
8.8
CVSSv3
CVE-2021-3656
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" fiel...
Linux Linux Kernel 5.14Linux Linux KernelFedoraproject Fedora 33Fedoraproject Fedora 34Redhat Software Collections -Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Workstation 7.0Redhat Enterprise Linux For Scientific Computing 7.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux For Power Little Endian 7.0Redhat Enterprise Linux For Real Time 7Redhat Enterprise Linux For Real Time For Nfv 7Redhat Enterprise Linux For Power Big Endian 7.0Redhat Enterprise Linux For Ibm Z Systems 7.0Redhat Enterprise Linux Server Tus 7.6Redhat Enterprise Linux Server Aus 7.6Redhat Enterprise Linux 8.0Redhat Enterprise Linux Server Aus 7.7Redhat Enterprise Linux Server Tus 7.7Redhat Enterprise Linux Eus 8.1Redhat Enterprise Linux Eus 8.2Redhat Enterprise Linux Server Tus 8.2
7.5
CVSSv3
CVE-2020-9490
Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off&quo...
Apache Http ServerOracle Instantis Enterprisetrack 17.1Oracle Instantis Enterprisetrack 17.2Oracle Instantis Enterprisetrack 17.3Oracle Hyperion Infrastructure Technology 11.1.2.4Oracle Enterprise Manager Ops Center 12.4.0.0Oracle Communications Session Route ManagerOracle Communications Session Report ManagerOracle Communications Element ManagerOracle Zfs Storage Appliance Kit 8.8Opensuse Leap 15.1Opensuse Leap 15.2Debian Debian Linux 10.0Fedoraproject Fedora 31Fedoraproject Fedora 32Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 20.04Canonical Ubuntu Linux 16.04Redhat Software Collections 1.0Redhat Enterprise Linux 8.0Redhat Enterprise Linux Eus 8.1Redhat Enterprise Linux Eus 8.2
7
CVSSv3
CVE-2021-3697
A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload....
Gnu Grub2Redhat Openshift 3.0Redhat Enterprise Linux 8.0Redhat Developer Tools 1.0Redhat Enterprise Linux 8.1Redhat Enterprise Linux Eus 8.2Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Tus 8.4Redhat Enterprise Linux Eus 8.4Redhat Enterprise Linux Server Aus 8.4Redhat Enterprise Linux For Power Little Endian Eus 8.2Redhat Enterprise Linux For Power Little Endian 8.0Redhat Enterprise Linux For Power Little Endian Eus 8.4Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.1Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.2Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.4Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.6Redhat Enterprise Linux Server Aus 8.6Redhat Enterprise Linux Server Tus 8.6Redhat Enterprise Linux Eus 8.6Redhat Enterprise Linux For Power Little Endian Eus 8.6
7.8
CVSSv3
CVE-2023-0494
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where th...
X.org X ServerFedoraproject Fedora 36Fedoraproject Fedora 37Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux For Scientific Computing 7.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux For Power Little Endian 7.0Redhat Enterprise Linux For Power Big Endian 7.0Redhat Enterprise Linux For Ibm Z Systems 7.0Redhat Enterprise Linux 8.0Redhat Enterprise Linux 8.1Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Workstation 7.0Redhat Enterprise Linux Aus 8.4Redhat Enterprise Linux Server Tus 8.4Redhat Enterprise Linux Eus 8.4Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2Redhat Enterprise Linux For Power Little Endian 8.0Redhat Enterprise Linux For Ibm Z Systems Eus 8.4Redhat Enterprise Linux For Ibm Z Systems 8.0Redhat Enterprise Linux For Power Little Endian Eus 8.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook