Product:

Enterprise_linux

(Redhat)
Repositories https://github.com/torvalds/linux
https://github.com/Perl/perl5
https://github.com/ceph/ceph
https://github.com/ClusterLabs/pcs
https://github.com/mjg59/linux
#Vulnerabilities 1687
Date Id Summary Products Score Patch Annotated
2024-06-12 CVE-2024-5742 A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink. Nano, Enterprise_linux N/A
2024-06-21 CVE-2024-6239 A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service. Poppler, Enterprise_linux 7.5
2024-07-01 CVE-2024-6387 A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. Linux_2023, Ubuntu_linux, Debian_linux, Freebsd, E\-Series_santricity_os_controller, Ontap_select_deploy_administration_utility, Ontap_tools, Netbsd, Openssh, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_for_arm_64, Enterprise_linux_for_arm_64_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_server_aus, Openshift_container_platform, Linux_enterprise_micro 8.1
2024-07-05 CVE-2024-6505 A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirections_table data within RSS becomes controllable. Setting excessively large values may cause an index out-of-bounds issue, potentially resulting in heap overflow access. This flaw allows a privileged user in the guest to crash the QEMU process on the host. Qemu, Enterprise_linux N/A
2024-07-09 CVE-2024-6237 A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of service. 389_directory_server, Directory_server, Enterprise_linux 6.5
2024-08-12 CVE-2024-7006 A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service. Libtiff, Enterprise_linux, Enterprise_linux_for_arm_64, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_server_aus 7.5
2024-09-19 CVE-2024-8354 A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition. Qemu, Enterprise_linux N/A
2024-11-12 CVE-2024-49393 In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality. Mutt, Neomutt, Enterprise_linux 5.9
2024-11-12 CVE-2024-49394 In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender. Mutt, Neomutt, Enterprise_linux 5.3
2024-11-12 CVE-2024-49395 In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info. Mutt, Neomutt, Enterprise_linux 5.3