redhat enterprise linux aus

44 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-3183
all versions
A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is d
8.1 HIGH
CVE-2024-0229
all versions
An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab
7.8 HIGH
CVE-2023-47038
all versions
A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl,
7.0 HIGH
CVE-2023-3972
all versions
A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of
7.8 HIGH
CVE-2023-0494
all versions
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by
7.8 HIGH
CVE-2021-3669
all versions
A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts
5.5 MEDIUM
CVE-2021-20316
all versions
A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to
6.8 MEDIUM
CVE-2021-3609
all versions
A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsy
7.0 HIGH
CVE-2021-3570
all versions
A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports
8.8 HIGH
CVE-2020-14355
all versions
Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before
6.6 MEDIUM
CVE-2020-1045
all versions
A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names. The ASP.NE
7.5 HIGH
CVE-2020-10711
all versions
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while i
5.9 MEDIUM
CVE-2019-9506
all versions
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not pre
8.1 HIGH
CVE-2019-11478
all versions
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmente
5.3 MEDIUM
CVE-2019-11477
all versions
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when
7.5 HIGH
CVE-2019-10126
all versions
A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/
9.8 CRITICAL
CVE-2019-11811
all versions
An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports af
7.0 HIGH
CVE-2018-16878
all versions
A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled
5.5 MEDIUM
CVE-2018-14638
all versions
A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ns-slapd crashes in delete_passwdPolicy function when persi
7.5 HIGH
CVE-2018-13405
all versions
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended
7.8 HIGH
CVE-2017-7847
all versions
Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. This vulnerability affects Thunder
4.3 MEDIUM
CVE-2017-7829
all versions
It is possible to spoof the sender's email address and display an arbitrary sender address to the email recipient. The real sender
5.3 MEDIUM
CVE-2017-7824
all versions
A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due
9.8 CRITICAL
CVE-2016-9901
all versions
HTML tags received from the Pocket server will be processed without sanitization and any JavaScript code executed will be run in t
9.8 CRITICAL
CVE-2018-1049
all versions
In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may n
5.9 MEDIUM
CVE-2017-10661
all versions
Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of servi
7.0 HIGH
CVE-2016-5195
all versions
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging in
7.0 HIGH
CVE-2014-9585
all versions
The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the
CVE-2014-9584
all versions
The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value
CVE-2011-1182
all versions
kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a signal sender via a sigqueueinf
CVE-2013-0783
all versions
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunder
CVE-2013-0782
all versions
Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion function in Mozilla Firefox before 19.0, Firefox ESR 17.x b
CVE-2013-0780
all versions
Use-after-free vulnerability in the nsOverflowContinuationTracker::Finish function in Mozilla Firefox before 19.0, Firefox ESR 17.
CVE-2013-0776
all versions
Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and Se
CVE-2013-0775
all versions
Use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer function in Mozilla Firefox before 19.0, Firefox ESR 17
CVE-2013-0772
all versions
The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows
CVE-2012-0260
all versions
The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of servic
6.5 MEDIUM
CVE-2011-2213
all versions
The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG byte
CVE-2011-2492
all versions
The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows loca
CVE-2011-1093
all versions
The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the L
CVE-2011-2022
all versions
The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certa
CVE-2011-1746
all versions
Multiple integer overflows in the (1) agp_allocate_memory and (2) agp_create_user_memory functions in drivers/char/agp/generic.c i
CVE-2011-1745
all versions
Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allow
CVE-2011-1593
all versions
Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel before 2.6.38.4 allow local users to ca
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin