Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux
Total 1999 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-41819 6 Debian, Fedoraproject, Opensuse and 3 more 9 Debian Linux, Fedora, Factory and 6 more 2025-05-22 5.0 MEDIUM 7.5 HIGH
CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.
CVE-2025-26601 3 Redhat, Tigervnc, X.org 4 Enterprise Linux, Tigervnc, X Server and 1 more 2025-05-16 N/A 7.8 HIGH
A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger() is called. If one of the changes triggers an error, the function will return early, not adding the new sync object, possibly causing a use-after-free when the alarm eventually triggers.
CVE-2025-26600 3 Redhat, Tigervnc, X.org 4 Enterprise Linux, Tigervnc, X Server and 1 more 2025-05-16 N/A 7.8 HIGH
A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying the events will cause a use-after-free.
CVE-2021-40438 11 Apache, Broadcom, Debian and 8 more 40 Http Server, Brocade Fabric Operating System Firmware, Debian Linux and 37 more 2025-05-16 6.8 MEDIUM 9.0 CRITICAL
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2022-2963 3 Fedoraproject, Jasper Project, Redhat 3 Fedora, Jasper, Enterprise Linux 2025-05-15 N/A 7.5 HIGH
A vulnerability found in jasper. This security vulnerability happens because of a memory leak bug in function cmdopts_parse that can cause a crash or segmentation fault.
CVE-2022-2850 4 Debian, Fedoraproject, Port389 and 1 more 5 Debian Linux, Fedora, 389-ds-base and 2 more 2025-05-15 N/A 6.5 MEDIUM
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix of CVE-2021-3514.
CVE-2025-26599 3 Redhat, Tigervnc, X.org 4 Enterprise Linux, Tigervnc, X Server and 1 more 2025-05-13 N/A 7.8 HIGH
An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect() may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow() will return a BadAlloc error without validating the window tree marked just before, which leaves the validated data partly initialized and the use of an uninitialized pointer later.
CVE-2025-26598 3 Redhat, Tigervnc, X.org 4 Enterprise Linux, Tigervnc, X Server and 1 more 2025-05-13 N/A 7.8 HIGH
An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice() searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, if no match was found. However, the code will return the last element of the list if no matching device ID is found, which can lead to out-of-bounds memory access.
CVE-2025-26597 3 Redhat, Tigervnc, X.org 4 Enterprise Linux, Tigervnc, X Server and 1 more 2025-05-13 N/A 7.8 HIGH
A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because the key actions are of the wrong size.
CVE-2025-26596 3 Redhat, Tigervnc, X.org 4 Enterprise Linux, Tigervnc, X Server and 1 more 2025-05-13 N/A 7.8 HIGH
A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a heap-based buffer overflow.
CVE-2025-26595 3 Redhat, Tigervnc, X.org 4 Enterprise Linux, Tigervnc, X Server and 1 more 2025-05-13 N/A 7.8 HIGH
A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size.
CVE-2025-26594 3 Redhat, Tigervnc, X.org 4 Enterprise Linux, Tigervnc, X Server and 1 more 2025-05-13 N/A 7.8 HIGH
A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free.
CVE-2018-1000180 5 Bouncycastle, Debian, Netapp and 2 more 21 Bc-java, Fips Java Api, Debian Linux and 18 more 2025-05-12 5.0 MEDIUM 7.5 HIGH
Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 beta 4 and later, BC-FJA 1.0.2 and later.
CVE-2023-50387 8 Fedoraproject, Isc, Microsoft and 5 more 13 Fedora, Bind, Windows Server 2008 and 10 more 2025-05-12 N/A 7.5 HIGH
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.
CVE-2015-0240 4 Canonical, Novell, Redhat and 1 more 6 Ubuntu Linux, Suse Linux Enterprise Desktop, Suse Linux Enterprise Server and 3 more 2025-05-09 10.0 HIGH N/A
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.
CVE-2023-4911 6 Canonical, Debian, Fedoraproject and 3 more 38 Ubuntu Linux, Debian Linux, Fedora and 35 more 2025-05-06 N/A 7.8 HIGH
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
CVE-2024-3567 2 Qemu, Redhat 2 Qemu, Enterprise Linux 2025-05-06 N/A 5.5 MEDIUM
A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This flaw allows a malicious guest to crash QEMU and cause a denial of service condition.
CVE-2023-6693 3 Fedoraproject, Qemu, Redhat 3 Fedora, Qemu, Enterprise Linux 2025-05-06 N/A 4.9 MEDIUM
A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious user to overwrite local variables allocated on the stack. Specifically, the `out_sg` variable could be used to read a part of process memory and send it to the wire, causing an information leak.
CVE-2020-11868 5 Debian, Netapp, Ntp and 2 more 24 Debian Linux, All Flash Fabric-attached Storage 8300, All Flash Fabric-attached Storage 8300 Firmware and 21 more 2025-05-05 5.0 MEDIUM 7.5 HIGH
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.
CVE-2023-33203 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-05-05 N/A 6.4 MEDIUM
The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device.