Enterprise_linux_for_scientific_computing - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Enterprise_linux_for_scientific_computing
(Redhat)

Repositories	• https://github.com/torvalds/linux • https://github.com/ceph/ceph
#Vulnerabilities	55

Date	Id	Summary	Products	Score	Patch	Annotated
2023-03-27	CVE-2023-0494	A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.	Fedora, Enterprise_linux, Enterprise_linux_aus, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions, Enterprise_linux_server_tus, Enterprise_linux_server_update_services_for_sap_solutions, Enterprise_linux_server_workstation, X_server	7.8
2023-02-01	CVE-2022-4254	sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters	Sssd, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions, Enterprise_linux_server_tus, Enterprise_linux_server_update_services_for_sap_solutions, Enterprise_linux_workstation	8.8
2022-02-18	CVE-2021-4091	A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash.	389\-Ds\-Base, Enterprise_linux_desktop, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation	7.5
2023-03-06	CVE-2019-8720	A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues.	Codeready_linux_builder, Codeready_linux_builder_eus, Codeready_linux_builder_for_arm64_eus, Codeready_linux_builder_for_ibm_z_systems_eus, Codeready_linux_builder_for_power_little_endian_eus, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_for_arm64, Enterprise_linux_for_arm64_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions, Enterprise_linux_server_tus, Enterprise_linux_server_update_services_for_sap_solutions, Enterprise_linux_workstation, Webkitgtk, Wpe_webkit	8.8
2019-12-10	CVE-2019-13742	Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.	Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation	6.5
2019-12-10	CVE-2019-13747	Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation	8.8
2019-12-10	CVE-2019-13758	Insufficient policy enforcement in navigation in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.	Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation	4.3
2019-12-10	CVE-2019-13761	Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.	Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation	4.3
2019-12-10	CVE-2019-13762	Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code.	Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation	3.3
2019-12-10	CVE-2019-13763	Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.	Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation	4.3