A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
Source: Red Hat, Inc.
Max CVSS
8.1
EPSS Score
36.87%
Published
2024-07-01
Updated
2024-07-11
A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information.
Source: Red Hat, Inc.
Max CVSS
8.1
EPSS Score
0.05%
Published
2024-05-31
Updated
2024-06-28
A flaw was found in cri-o. A malicious container can create a symbolic link pointing to an arbitrary directory or file on the host via directory traversal (“../“). This flaw allows the container to read and write to arbitrary files on the host system.
Source: Red Hat, Inc.
Max CVSS
8.1
EPSS Score
0.05%
Published
2024-06-12
Updated
2024-06-27
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.
Source: Red Hat, Inc.
Max CVSS
8.3
EPSS Score
0.05%
Published
2024-05-09
Updated
2024-07-03
A flaw was found when using mirror-registry to install Quay. It uses a default database secret key, which is stored in plain-text format in one of the configuration template files. This issue may lead to all instances of Quay deployed using mirror-registry to have the same database secret key. This flaw allows a malicious actor to access sensitive information from Quay's database.
Source: Red Hat, Inc.
Max CVSS
8.1
EPSS Score
0.04%
Published
2024-04-25
Updated
2024-04-26
A flaw was found when using mirror-registry to install Quay. It uses a default secret, which is stored in plain-text format in one of the configuration template files. This issue may lead to all instances of Quay deployed using mirror-registry to have the same secret key. This flaw allows a malicious actor to craft session cookies and as a consequence, it may lead to gaining access to the affected Quay instance.
Source: Red Hat, Inc.
Max CVSS
8.8
EPSS Score
0.04%
Published
2024-04-25
Updated
2024-04-26
A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process on the host, resulting in a denial of service or allow arbitrary code execution within the context of the QEMU process on the host.
Source: Red Hat, Inc.
Max CVSS
8.2
EPSS Score
0.05%
Published
2024-04-09
Updated
2024-04-18
A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer.
Source: Red Hat, Inc.
Max CVSS
8.8
EPSS Score
0.04%
Published
2024-03-28
Updated
2024-05-28
A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time.
Source: Red Hat, Inc.
Max CVSS
8.6
EPSS Score
0.05%
Published
2024-03-18
Updated
2024-05-24
A flaw was found in the ansible automation platform. An insecure WebSocket connection was being used in installation from the Ansible rulebook EDA server. An attacker that has access to any machine in the CIDR block could download all rulebook data from the WebSocket, resulting in loss of confidentiality and integrity of the system.
Source: Red Hat, Inc.
Max CVSS
8.1
EPSS Score
0.05%
Published
2024-04-25
Updated
2024-04-25
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether.
Source: Red Hat, Inc.
Max CVSS
8.0
EPSS Score
0.05%
Published
2024-02-15
Updated
2024-05-08
A flaw was found in the decompression function of registry-support. This issue can be triggered if an unauthenticated remote attacker tricks a user into parsing a devfile which uses the `parent` or `plugin` keywords. This could download a malicious archive and cause the cleanup process to overwrite or delete files outside of the archive, which should not be allowed.
Source: Red Hat, Inc.
Max CVSS
8.0
EPSS Score
0.05%
Published
2024-02-14
Updated
2024-02-22
A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to construct a malicious request to bypass validation and access other URLs and sensitive information within the domain or conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field, and requires user interaction within the malicious URL.
Source: Red Hat, Inc.
Max CVSS
8.1
EPSS Score
0.05%
Published
2024-04-17
Updated
2024-07-03
Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.
Source: Red Hat, Inc.
Max CVSS
8.6
EPSS Score
1.36%
Published
2023-11-03
Updated
2023-12-14
Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.
Source: Red Hat, Inc.
Max CVSS
8.6
EPSS Score
3.03%
Published
2023-11-03
Updated
2024-02-16
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. This flaw is only exploitable during the early boot phase, an attacker needs to perform a Man-in-the-Middle or compromise the boot server to be able to exploit this vulnerability successfully.
Source: Red Hat, Inc.
Max CVSS
8.3
EPSS Score
2.52%
Published
2024-01-25
Updated
2024-06-10
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.
Source: Red Hat, Inc.
Max CVSS
8.8
EPSS Score
0.18%
Published
2023-08-11
Updated
2024-02-16
An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code in the context of the kernel.
Source: Red Hat, Inc.
Max CVSS
8.2
EPSS Score
0.05%
Published
2023-10-04
Updated
2024-01-25

CVE-2023-32373

Known exploited
A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Source: Apple Inc.
Max CVSS
8.8
EPSS Score
0.12%
Published
2023-06-23
Updated
2024-06-27
CISA KEV Added
2023-05-22
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.
Source: Red Hat, Inc.
Max CVSS
8.8
EPSS Score
1.45%
Published
2023-12-10
Updated
2024-01-25
A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation.
Source: Red Hat, Inc.
Max CVSS
8.8
EPSS Score
2.43%
Published
2023-11-01
Updated
2024-06-18
A flaw was found in the Keycloak package, more specifically org.keycloak.userprofile. When a user registers itself through registration flow, the "password" and "password-confirm" field from the form will occur as regular user attributes. All users and clients with proper rights and roles are able to read users attributes, allowing a malicious user with minimal access to retrieve the users passwords in clear text, jeopardizing their environment.
Source: Red Hat, Inc.
Max CVSS
8.8
EPSS Score
0.06%
Published
2023-09-12
Updated
2023-09-15
A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. This issue could allow an attacker to bypass the security policy altogether, resulting in unauthorized endpoint access and possibly a denial of service.
Source: Red Hat, Inc.
Max CVSS
8.1
EPSS Score
0.21%
Published
2023-09-20
Updated
2023-12-21
A vulnerability was found in quarkus-core. This vulnerability occurs because the TLS protocol configured with quarkus.http.ssl.protocols is not enforced, and the client can force the selection of the weaker supported TLS protocol.
Source: Red Hat, Inc.
Max CVSS
8.1
EPSS Score
0.10%
Published
2023-07-04
Updated
2023-07-11
This CVE exists because of an incomplete fix for CVE-2021-3750. More specifically, the qemu-kvm package as released for Red Hat Enterprise Linux 9.1 via RHSA-2022:7967 included a version of qemu-kvm that was actually missing the fix for CVE-2021-3750.
Source: Red Hat, Inc.
Max CVSS
8.2
EPSS Score
0.04%
Published
2023-09-13
Updated
2023-12-28
512 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!