Product: Enterprise_linux (Redhat)

| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-12-19 | CVE-2022-3775 | When rendering certain unicode sequences, grub2's font code doesn't properly validate if the informed glyph's width and height are constrained within bitmap size. As a consequence an attacker can craft an input which will lead to an out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded. | Grub2, Enterprise_linux | 7.1 | | |
| 2023-04-25 | CVE-2023-30549 | Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw that is exploitable through versions of Apptainer < 1.1.0 and installations that include apptainer-suid < 1.1.8 on older operating systems where that CVE has not been patched. That includes Red Hat Enterprise Linux 7, Debian 10 buster (unless the linux-5.10 package is installed), Ubuntu 18.04 bionic and Ubuntu 20.04 focal. Use-after-free flaws in the kernel can be used to attack the kernel for... | Apptainer, Enterprise_linux, Singularity | 7.8 | | |
| 2023-09-30 | CVE-2023-44488 | VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. | Debian_linux, Fedora, Enterprise_linux, Libvpx | 7.5 | | |
| 2023-11-09 | CVE-2023-5544 | Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk. | Fedora, Moodle, Enterprise_linux | 5.4 | | |
| 2023-11-09 | CVE-2023-5546 | ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. | Fedora, Moodle, Enterprise_linux | 5.4 | | |
| 2023-11-09 | CVE-2023-5547 | The course upload preview contained an XSS risk for users uploading unsafe data. | Fedora, Moodle, Enterprise_linux | 6.1 | | |
| 2022-08-26 | CVE-2022-34303 | A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. | Uefi_bootloader, Windows_10, Windows_11, Windows_8\.1, Windows_rt_8\.1, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Enterprise_linux | 6.7 | | |
| 2022-08-26 | CVE-2022-34301 | A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. | Cryptopro_securedisk_for_bitlocker, Windows_10, Windows_11, Windows_8\.1, Windows_rt_8\.1, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Enterprise_linux | 6.7 | | |
| 2022-08-26 | CVE-2022-34302 | A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. | Uefi_bootloader, Windows_10, Windows_11, Windows_8\.1, Windows_rt_8\.1, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Enterprise_linux | 6.7 | | |
| 2023-11-03 | CVE-2023-1476 | A use-after-free flaw was found in the Linux kernel's mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap, allowing a local user to crash the system or potentially escalate their privileges on the system. | Linux_kernel, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_server_tus | 7.0 | | |