Enterprise_linux - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Enterprise_linux
(Redhat)

Repositories

• https://github.com/torvalds/linux
• https://github.com/Perl/perl5
• https://github.com/ceph/ceph
• https://github.com/ClusterLabs/pcs
• https://github.com/mjg59/linux

• https://github.com/apache/httpd
• https://github.com/opencontainers/runc
• https://github.com/bonzini/qemu
• https://github.com/codehaus-plexus/plexus-archiver
• https://github.com/openssh/openssh-portable
• https://github.com/kyz/libmspack
• https://github.com/git/git
• https://github.com/mysql/mysql-server
• https://github.com/neomutt/neomutt
• https://github.com/php/php-src
• https://github.com/vadz/libtiff
• https://github.com/numpy/numpy
• https://github.com/bagder/curl
• https://github.com/ClusterLabs/pacemaker
• https://github.com/hercules-team/augeas

#Vulnerabilities

1677

Date	Id	Summary	Products	Score	Patch	Annotated
2023-11-01	CVE-2023-5178	A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation.	Linux_kernel, Active_iq_unified_manager, Solidfire_\&_hci_management_node, Solidfire_\&_hci_storage_node, Enterprise_linux	8.8
2023-11-01	CVE-2023-1192	A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service.	Linux_kernel, Enterprise_linux	6.5
2023-11-02	CVE-2023-3164	A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file.	Libtiff, Enterprise_linux	5.5
2023-11-02	CVE-2023-38469	A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record.	Avahi, Enterprise_linux	5.5
2023-11-02	CVE-2023-38470	A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function.	Avahi, Enterprise_linux	5.5
2023-11-02	CVE-2023-38471	A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function.	Avahi, Enterprise_linux	5.5
2023-11-02	CVE-2023-38472	A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function.	Avahi, Enterprise_linux	5.5
2023-11-02	CVE-2023-38473	A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function.	Avahi, Enterprise_linux	5.5
2023-11-03	CVE-2023-46847	Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.	Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_for_arm_64, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_power_little_endian, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Squid	7.5
2023-11-03	CVE-2023-46848	Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.	Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Squid	7.5