|
211
|
7.5
-
|
HIGH
Network
|
A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2023-5156
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:41
2023-09-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212
|
5.9
-
|
MEDIUM
Network
|
A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS…
|
CWE-416
Use After Free
|
CVE-2023-4806
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 17:36
2023-09-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213
|
6.5
-
|
MEDIUM
Network
|
A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger…
|
CWE-125
Out-of-bounds Read
|
CVE-2023-4527
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:35
2023-09-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214
|
5.6
-
|
MEDIUM
Local
|
A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could…
|
CWE-362
Race Condition
|
CVE-2023-3301
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:16
2023-09-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215
|
5.6
-
|
MEDIUM
Local
|
A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability …
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2023-4155
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:34
2023-09-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
216
|
6.5
-
|
MEDIUM
Network
|
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the …
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2023-3255
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:16
2023-09-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217
|
8.2
-
|
HIGH
Local
|
This CVE exists because of an incomplete fix for CVE-2021-3750. More specifically, the qemu-kvm package as released for Red Hat Enterprise Linux 9.1 via RHSA-2022:7967 included a version of qemu-kvm …
|
CWE-416
Use After Free
|
CVE-2023-2680
|
cpe:2.3:o:redhat:enterprise_linux:9.0:*
|
|
|
|
|
2024-11-21 16:59
2023-09-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218
|
5.9
-
|
MEDIUM
Network
|
A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo …
|
CWE-416
Use After Free
|
CVE-2023-4813
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:36
2023-09-13
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219
|
5.5
-
|
MEDIUM
Local
|
A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, …
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2023-4569
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:35
2023-08-29
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220
|
6.5
-
|
MEDIUM
Adjacent
|
A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the…
|
NVD-CWE-noinfo
|
CVE-2023-38201
|
cpe:2.3:o:redhat:enterprise_linux:9.0:*
|
|
|
|
|
2024-11-21 17:13
2023-08-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|