cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-9632,https://securityvulnerability.io/vulnerability/CVE-2024-9632,"X.org Server Flaw Allows Buffer Overflow, Denial of Service or Privilege Escalation","A flaw exists in the X.org server that stems from an improper handling of allocation size in the _XkbSetCompatMap function. This vulnerability allows a local attacker to potentially exploit this issue by sending a specially crafted payload, which could result in a buffer overflow condition. If successfully exploited, this vulnerability may lead to denial of service or enable local privilege escalation in environments where the X.org server operates with elevated permissions, specifically with root access. It is crucial for administrators to review their configurations and apply necessary security updates to mitigate the risks associated with this vulnerability.",Red Hat,",Red Hat Enterprise Linux 7 Extended Lifecycle Support,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.2 Advanced Update Support,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.6 Telecommunications Update Service,Red Hat Enterprise Linux 8.6 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Update Services For SAP Solutions,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 9.4 Extended Update Support,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7",7.8,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2024-10-30T07:42:35.320Z,0
CVE-2024-9050,https://securityvulnerability.io/vulnerability/CVE-2024-9050,Networkmanager-libreswan: local privilege escalation via leftupdown,"A security flaw exists in the libreswan client plugin for NetworkManager, specifically within its handling of VPN configurations. This vulnerability arises from improper sanitation of the configuration input provided by local unprivileged users. This key-value format configuration management fails to adequately escape special characters, causing the application to misinterpret values as keys. This misconfiguration could allow malicious actors to manipulate key parameters such as 'leftupdown', which is capable of running executable commands. Because NetworkManager employs Polkit to permit unprivileged users to alter system network settings, an attacker could escalate privileges locally, potentially leading to root-level code execution on the affected system by crafting a malicious configuration.",Red Hat,"Red Hat Enterprise Linux 7.7 Advanced Update Support,Red Hat Enterprise Linux 7 Extended Lifecycle Support,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.2 Advanced Update Support,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.6 Telecommunications Update Service,Red Hat Enterprise Linux 8.6 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9.0 Update Services For SAP Solutions,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 9",7.8,HIGH,0.0004600000102072954,false,false,false,false,,false,false,2024-10-22T13:15:00.000Z,0
CVE-2024-9675,https://securityvulnerability.io/vulnerability/CVE-2024-9675,Buildah: buildah allows arbitrary directory mount,"A directory traversal vulnerability exists in Buildah, where cache mounts fail to properly validate user-specified paths against the designated cache directory. This flaw allows malicious users to utilize a 'RUN' instruction within a Container file to mount arbitrary directories from the host system into the container with read/write access. Such exploitation can lead to unauthorized access to host file systems, posing significant security risks for applications depending on Buildah.",Red Hat,"Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.6 Telecommunications Update Service,Red Hat Enterprise Linux 8.6 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Extended Update Support,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Openshift Container Platform 4.13,Red Hat Openshift Container Platform 4.14,Red Hat Openshift Container Platform 4.15,Red Hat Openshift Container Platform 4.16,Red Hat Openshift Container Platform 4.17,Openshift Developer Tools And Services,Red Hat Enterprise Linux 7,Red Hat Openshift Container Platform 4,Red Hat Quay 3",7.8,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2024-10-09T15:15:00.000Z,0
CVE-2024-4467,https://securityvulnerability.io/vulnerability/CVE-2024-4467,QEMU qemu-img Vulnerability: Memory or CPU Consumption Denial of Service,"A vulnerability exists in the QEMU disk image utility related to the 'info' command, where a specially crafted image file containing a specific JSON value can cause the qemu-img process to use an excessive amount of system resources. This behavior may result in resource exhaustion, potentially leading to a denial of service. The exploit can also enable unauthorized read/write access to existing external files on the host system, creating a significant security risk for affected environments.",Red Hat,"Advanced Virtualization For Rhel 8.2.1,Advanced Virtualization For Rhel 8.4.0.eus,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.6 Telecommunications Update Service,Red Hat Enterprise Linux 8.6 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Update Services For SAP Solutions,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8 Advanced Virtualization,Red Hat Openshift Virtualization 4",7.8,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2024-07-02T16:15:00.000Z,0
CVE-2024-5953,https://securityvulnerability.io/vulnerability/CVE-2024-5953,Denial of Service Vulnerability in 389-ds-base LDAP Server,A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password.,Red Hat,"Red Hat Directory Server 11.7 For Rhel 8,Red Hat Directory Server 11.9 For Rhel 8,Red Hat Directory Server 12.2 Eus For Rhel 9,Red Hat Directory Server 12.4 For Rhel 9,Red Hat Enterprise Linux 7 Extended Lifecycle Support,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6",5.7,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-06-18T10:01:56.714Z,0
CVE-2024-3183,https://securityvulnerability.io/vulnerability/CVE-2024-3183,FreeIPA Vulnerability Allows Brute Force Attacks on Principal Passwords,"A vulnerability exists in FreeIPA related to the Kerberos ticket-granting service (TGS) request encryption method used during the authentication process. The issue arises when a TGS-REQ is encrypted with the client's session key, while the contained ticket relies on the target principal key for encryption. This situation exposes user principals to potential compromise, as the target key is derived from a password hash combined with a public, randomly-generated salt. If an attacker manages to compromise any principal, they can potentially decrypt tickets intended for other principals. This opens the door for brute-force attacks, allowing the acquisition of valid credentials by testing character strings against the encrypted tickets and salts offline.",Red Hat,"Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.2 Advanced Update Support,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.6 Telecommunications Update Service,Red Hat Enterprise Linux 8.6 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Extended Update Support,Red Hat Enterprise Linux 9.2 Extended Update Support",8.1,HIGH,0.0010499999625608325,false,false,false,true,true,false,false,2024-06-12T08:18:51.691Z,0
CVE-2024-2698,https://securityvulnerability.io/vulnerability/CVE-2024-2698,Missing condition for granting 'forwardable' flag on S4U2Self tickets,"A flaw exists in FreeIPA concerning the initial implementation of MS-SFU by MIT Kerberos, where the condition for granting the 'forwardable' flag was overlooked in S4U2Self tickets. This flaw necessitated an adjustment in the check_allowed_to_delegate() function: a NULL target service argument indicates that the KDC is investigating general constrained delegation rules instead of a specific S4U2Proxy request. In FreeIPA version 4.11.0, the ipadb_match_acl() functionality was modified to reflect changes from upstream MIT Kerberos 1.20. Nonetheless, an oversight caused this mechanism to apply improperly, allowing S4U2Proxy requests to be granted regardless of the existence of a corresponding service delegation rule.",Red Hat,"Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7",8.8,HIGH,0.0005600000149570405,false,false,false,false,,false,false,2024-06-12T08:03:49.013Z,0
CVE-2023-4727,https://securityvulnerability.io/vulnerability/CVE-2023-4727,Ldap Injection Vulnerability in dogtag-pki and pki-core Could Lead to Privilege Escalation,"A vulnerability exists within Red Hat's Dogtag PKI and pki-core products, where an attacker can exploit a flaw in the token authentication mechanism through an LDAP injection. By manipulating the query string parameter 'sessionID=*', the attacker may authenticate using an existing session stored in the LDAP directory server. This could potentially allow unauthorized access and lead to an escalation of privileges, compromising the integrity of the system and sensitive information.",Red Hat,"Red Hat Certificate System 10.4 Eus For Rhel-8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Certificate System 10,Red Hat Enterprise Linux 6",7.5,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2024-06-11T19:30:25.613Z,0
CVE-2024-3657,https://securityvulnerability.io/vulnerability/CVE-2024-3657,LDAP Query Flaw Leads to Denial of Service on 389-ds-base Directory Server,"A vulnerability exists in the 389-ds-base software, where an attacker can exploit a specially-crafted Lightweight Directory Access Protocol (LDAP) query. This exploitation can lead to a failure of the directory server, resulting in a denial of service (DoS). The flaw presents a significant risk for users relying on the directory service for critical operations and could disrupt network communications. It is crucial for organizations using this product to monitor their systems and apply necessary patches to mitigate the risk.",Red Hat,"Red Hat Directory Server 11.7 For Rhel 8,Red Hat Directory Server 11.8 For Rhel 8,Red Hat Directory Server 11.9 For Rhel 8,Red Hat Directory Server 12.2 Eus For Rhel 9,Red Hat Directory Server 12.4 For Rhel 9,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6",7.5,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2024-05-28T12:53:03.399Z,0
CVE-2023-3758,https://securityvulnerability.io/vulnerability/CVE-2023-3758,Race Condition Flaw in SSSD May Lead to Inconsistent Authorization,"A race condition flaw exists within the System Security Services Daemon (SSSD) that affects the consistent application of Group Policy Object (GPO) policies for authenticated users. This vulnerability may result in improper authorization, which can lead to unintended access to sensitive resources or restrictions where access should be granted, compromising the integrity of access control mechanisms within the affected systems.",Red Hat,"Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Extended Update Support,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Virtualization 4 For Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7",7.1,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2024-04-18T19:06:44.216Z,0
CVE-2024-31083,https://securityvulnerability.io/vulnerability/CVE-2024-31083,Xorg-x11-server: use-after-free in procrenderaddglyphs,"A vulnerability has been identified in the ProcRenderAddGlyphs() function of Xorg servers, which stems from improper handling of glyphs during message processing. When AllocateGlyph() is invoked to manage new glyphs sent from clients to the X server, it results in multiple pointers pointing to non-refcounted glyphs. This mismanagement can lead to scenarios where ProcRenderAddGlyphs() unintentionally frees a glyph still in use, causing a potential use-after-free condition. An authenticated user may exploit this flaw by crafting specific requests, thereby enabling them to execute arbitrary code on affected systems.",Red Hat,"Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.2 Advanced Update Support,Red Hat Enterprise Linux 8.2 Telecommunications Update Service,Red Hat Enterprise Linux 8.2 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Extended Update Support,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6",7.8,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2024-04-05T12:15:00.000Z,0
CVE-2024-31081,https://securityvulnerability.io/vulnerability/CVE-2024-31081,Xorg-x11-server: heap buffer overread/data leakage in procxipassivegrabdevice,"A heap-based buffer over-read vulnerability exists in the X.org server's ProcXIPassiveGrabDevice() function. This vulnerability arises when byte-swapped length values are utilized in replies, which can create memory leakage scenarios and lead to segmentation faults. Specifically, this issue may be triggered by clients operating with differing endianness, allowing an attacker to exploit the X server's ability to read heap memory values and subsequently transmit them back to the client, potentially leading to a crash when an unmapped page is accessed. Although the attacker cannot dictate the precise memory content copied into the replies, small length values, typically represented as 32-bit integers, can prompt significant out-of-bounds read attempts.",Red Hat,"Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.2 Advanced Update Support,Red Hat Enterprise Linux 8.2 Telecommunications Update Service,Red Hat Enterprise Linux 8.2 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Extended Update Support,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6",7.3,HIGH,0.0004600000102072954,false,false,false,false,,false,false,2024-04-04T14:15:00.000Z,0
CVE-2024-31080,https://securityvulnerability.io/vulnerability/CVE-2024-31080,Xorg-x11-server: heap buffer overread/data leakage in procxigetselectedevents,"A vulnerability exists within the X.org server's ProcXIGetSelectedEvents() function due to a heap-based buffer over-read caused by improper handling of byte-swapped length values in replies. This issue can lead to unintended memory leakage and potential segmentation faults, especially when a malicious client with a different endianness triggers the condition. Although attackers cannot control the exact memory content being read, they can exploit this flaw to initiate out-of-bounds reads, causing the X server to access and potentially transmit sensitive heap memory values back to the client. This scenario may ultimately lead to a crash due to accessing unmapped memory pages.",Red Hat,"Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.2 Advanced Update Support,Red Hat Enterprise Linux 8.2 Telecommunications Update Service,Red Hat Enterprise Linux 8.2 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Extended Update Support,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6",7.3,HIGH,0.0004600000102072954,false,false,false,false,,false,false,2024-04-04T14:15:00.000Z,0
CVE-2024-3019,https://securityvulnerability.io/vulnerability/CVE-2024-3019,Default pmproxy configuration exposes Redis server backend to local network,"A notable flaw has been identified in the Performance Co-Pilot (PCP) system, primarily affecting versions 4.3.4 and higher. The default configuration of the pmproxy service presents a security risk by exposing the underlying Redis server backend to the local network. This exposure enables the potential for remote command execution with the privileges of the Redis user. The vulnerability is particularly concerning since it can be exploited only when the pmproxy service is actively running. By default, pmproxy is not initiated automatically and requires manual activation, typically carried out through the 'Metrics settings' page of the Cockpit web interface. System administrators are advised to review and adjust configurations to mitigate the associated risks.",Red Hat,"Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.2 Advanced Update Support,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Extended Update Support,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7",8.8,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2024-03-28T18:32:43.298Z,0
CVE-2024-28834,https://securityvulnerability.io/vulnerability/CVE-2024-28834,GnuTLS Vulnerability Exposes Timing Side-Channel,"A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.",Red Hat,"Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7",5.3,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-03-21T13:29:11.532Z,0
CVE-2024-1753,https://securityvulnerability.io/vulnerability/CVE-2024-1753,Container Escape Vulnerability in Podman Build and Buildah,"A flaw exists within Buildah and Podman that permits containers to mount arbitrary locations from the host filesystem into build containers. This vulnerability can be exploited by utilizing a malicious Containerfile, where a deceptive image with a symbolic link to the root filesystem serves as the mount source. Such an operation can lead to the host's root filesystem being mounted inside the RUN step of the container build process, allowing full read-write access to the host filesystem during execution. This significant risk underscores the potential for complete container escape at build time, representing a serious threat to security and requiring immediate attention.",Red Hat,"Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Extended Update Support,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Openshift Container Platform 4.12,Red Hat Openshift Container Platform 4.13,Red Hat Openshift Container Platform 4.14,Red Hat Openshift Container Platform 4.15,Red Hat Enterprise Linux 7,Red Hat Openshift Container Platform 3.11",8.6,HIGH,0.0004400000034365803,false,true,false,false,,false,false,2024-03-18T14:23:44.213Z,0
CVE-2024-21886,https://securityvulnerability.io/vulnerability/CVE-2024-21886,Heap Buffer Overflow Flaw in X.Org Server Could Lead to Application Crash or Remote Code Execution,"A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments.",Red Hat,"Xorg-server,Xwayland,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.2 Advanced Update Support,Red Hat Enterprise Linux 8.2 Telecommunications Update Service,Red Hat Enterprise Linux 8.2 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Extended Update Support,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6,Fedora",,,0.0004400000034365803,false,false,false,false,,false,false,2024-02-28T12:13:12.555Z,0
CVE-2024-21885,https://securityvulnerability.io/vulnerability/CVE-2024-21885,Heap Buffer Overflow Vulnerability in X.Org Server,"A flaw has been identified in the X.Org Server affecting the XISendDeviceHierarchyEvent function, which handles new device IDs. This flaw allows for the potential exceeding of allocated array lengths within the xXIHierarchyInfo struct, leading to a heap buffer overflow condition. Such overflow can result in critical issues like application crashes or the execution of arbitrary code within SSH X11 forwarding environments, posing significant security risks to affected systems.",Red Hat,"Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.2 Advanced Update Support,Red Hat Enterprise Linux 8.2 Telecommunications Update Service,Red Hat Enterprise Linux 8.2 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Extended Update Support,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6",7.8,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2024-02-28T12:11:59.650Z,0
CVE-2024-1488,https://securityvulnerability.io/vulnerability/CVE-2024-1488,Unbound Vulnerability Allows Attackers to Manipulate Resolver Configuration,"A security vulnerability has been identified in Unbound, primarily stemming from incorrect default permissions settings. This flaw allows any process outside the designated unbound group to alter the unbound runtime configuration. If an attacker can connect to the localhost on port 8953, they gain the ability to modify the configuration of the unbound service. Such manipulation can lead to unauthorized tracking of all queries dispatched from the local resolver and may also disrupt the resolution process entirely, posing significant risks to system integrity and data confidentiality.",Red Hat,"Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.2 Advanced Update Support,Red Hat Enterprise Linux 8.2 Telecommunications Update Service,Red Hat Enterprise Linux 8.2 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Extended Update Support,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7",8,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2024-02-15T05:04:13.994Z,0
CVE-2024-1062,https://securityvulnerability.io/vulnerability/CVE-2024-1062,Heap Overflow Flaw Leads to Denial of Service in 389-ds-base,A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.,Red Hat,"Red Hat Directory Server 11.7 For Rhel 8,Red Hat Directory Server 11.8 For Rhel 8,Red Hat Directory Server 12.2 Eus For Rhel 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Directory Server 12,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9",5.5,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-02-12T13:04:39.944Z,0
CVE-2024-0229,https://securityvulnerability.io/vulnerability/CVE-2024-0229,"X.Org Server Vulnerability Could Lead to Application Crash, Privilege Escalation, or Remote Code Execution","The vulnerability arises from an out-of-bounds memory access flaw present in the X.Org server, a software that handles graphical displays in Unix-like operating systems. This flaw is triggered when a device that has been 'frozen' by a sync grab is subsequently reattached to a new master device, creating a condition where improper memory access can occur. Exploitation of this vulnerability may lead to application crashes, and in scenarios where the server operates with elevated privileges, it could enable local privilege escalation. Additionally, in environments that utilize SSH X11 forwarding, this defect poses a risk of remote code execution, presenting significant security challenges for users relying on this system.",Red Hat,"xorg-server,xwayland,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.2 Advanced Update Support,Red Hat Enterprise Linux 8.2 Telecommunications Update Service,Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Extended Update Support,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6,Fedora",7.8,HIGH,0.0012499999720603228,false,false,false,false,,false,false,2024-02-09T06:29:51.542Z,0
CVE-2023-6536,https://securityvulnerability.io/vulnerability/CVE-2023-6536,Linux Kernel NVMe Driver Vulnerability Leads to Kernel Panic and Denial of Service,"A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.",Red Hat,"Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Virtualization 4 For Red Hat Enterprise Linux 8,Rhol-5.8-rhel-9,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7",6.5,MEDIUM,0.0014600000577047467,false,false,false,false,,false,false,2024-02-07T21:05:13.716Z,0
CVE-2023-6535,https://securityvulnerability.io/vulnerability/CVE-2023-6535,Linux Kernel NVMe Driver Vulnerability Leads to Kernel Panic and Denial of Service,"A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.",Red Hat,"Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Virtualization 4 For Red Hat Enterprise Linux 8,Rhol-5.8-rhel-9,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7",6.5,MEDIUM,0.001180000021122396,false,false,false,false,,false,false,2024-02-07T21:04:21.409Z,0
CVE-2023-6356,https://securityvulnerability.io/vulnerability/CVE-2023-6356,Linux Kernel NVMe Driver Vulnerability Could Lead to Kernel Panic and Denial of Service,"A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service.",Red Hat,"Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Virtualization 4 For Red Hat Enterprise Linux 8,Rhol-5.8-rhel-9,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7",6.5,MEDIUM,0.0014600000577047467,false,false,false,false,,false,false,2024-02-07T21:04:20.684Z,0
CVE-2024-0914,https://securityvulnerability.io/vulnerability/CVE-2024-0914,Opencryptoki: timing side-channel in handling of rsa pkcs#1 v1.5 padded ciphertexts (marvin),"A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key.",Red Hat,"Opencryptoki,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Fedora",5.9,MEDIUM,0.0011099999537691474,false,false,false,false,,false,false,2024-01-31T04:53:28.508Z,0