📦 Enterprise Linux

by Red Hat

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2026-1709

CRITICAL CVSS 9.4 Feb 6, 2026

Keylime versions 7.12.0 and later have a critical authentication bypass vulnerability where the registrar fails to enforce client-side TLS certificate authentication. This allows unauthenticated netwo...

CVE-2025-32463

CRITICAL CVSS 9.3 Jun 30, 2025

This vulnerability in Sudo allows local users to escalate privileges to root by exploiting the --chroot option to load a malicious /etc/nsswitch.conf file from a user-controlled directory. It affects ...

CVE-2023-46846

CRITICAL CVSS 9.3 Nov 3, 2023

CVE-2023-46846 is an HTTP request smuggling vulnerability in Squid proxy due to lenient chunked decoder handling. It allows attackers to bypass security controls like firewalls and frontend systems by...

CVE-2023-34152

CRITICAL CVSS 9.8 May 30, 2023

CVE-2023-34152 is a critical remote code execution vulnerability in ImageMagick's OpenBlob function when compiled with --enable-pipes configuration. Attackers can exploit this by processing malicious ...

CVE-2022-30599

CRITICAL CVSS 9.8 May 18, 2022

CVE-2022-30599 is a critical SQL injection vulnerability in Moodle's badges functionality that allows attackers to execute arbitrary SQL commands. This affects all Moodle instances with badges enabled...

CVE-2022-1587

CRITICAL CVSS 9.1 May 16, 2022

An out-of-bounds read vulnerability in PCRE2 library's JIT compiler allows reading memory beyond allocated buffers during recursive regular expression processing. This affects any software using PCRE2...

CVE-2021-20325

CRITICAL CVSS 9.8 Feb 18, 2022

CVE-2021-20325 is a Red Hat-specific security regression where fixes for CVE-2021-40438 and CVE-2021-26691 were missing in httpd packages shipped with RHEL 8.5.0, making systems vulnerable to those CV...

CVE-2021-3657

CRITICAL CVSS 9.8 Feb 18, 2022

This vulnerability in mbsync allows remote attackers to execute arbitrary code by exploiting buffer overflows when processing extremely large IMAP literals. Affected users are those running mbsync ver...

CVE-2021-3773

CRITICAL CVSS 9.8 Feb 16, 2022

A netfilter flaw allows network-connected attackers to infer OpenVPN connection endpoint information by analyzing network traffic patterns. This affects Linux systems running OpenVPN with netfilter en...

CVE-2021-20314

CRITICAL CVSS 9.8 Aug 12, 2021

A stack buffer overflow vulnerability in libspf2 versions below 1.2.11 allows attackers to cause denial of service or potentially execute arbitrary code by sending malicious SPF explanation messages. ...

CVE-2021-20236

CRITICAL CVSS 9.8 May 28, 2021

A stack buffer overflow vulnerability in ZeroMQ servers before version 4.3.3 allows malicious clients to execute arbitrary code or crash the server by sending crafted topic subscription requests follo...

CVE-2018-25009

CRITICAL CVSS 9.1 May 21, 2021

A heap-based buffer overflow vulnerability in libwebp's GetLE16() function allows attackers to execute arbitrary code or cause denial of service. This affects any application that processes WebP image...

CVE-2018-25011

CRITICAL CVSS 9.8 May 21, 2021

A heap-based buffer overflow vulnerability in libwebp's PutLE16() function allows attackers to execute arbitrary code or cause denial of service. This affects any application that processes WebP image...

CVE-2018-25012

CRITICAL CVSS 9.1 May 21, 2021

A heap-based buffer overflow vulnerability in libwebp's GetLE24() function allows attackers to execute arbitrary code or cause denial of service by processing malicious WebP images. This affects any a...

CVE-2018-25014

CRITICAL CVSS 9.8 May 21, 2021

CVE-2018-25014 is a use-after-free vulnerability in libwebp's ReadSymbol() function that allows attackers to execute arbitrary code or cause denial of service. This affects any application using libwe...

CVE-2020-36329

CRITICAL CVSS 9.8 May 21, 2021

CVE-2020-36329 is a use-after-free vulnerability in libwebp that allows attackers to execute arbitrary code or cause denial of service. This affects any application using vulnerable versions of libweb...

CVE-2020-36330

CRITICAL CVSS 9.1 May 21, 2021

CVE-2020-36330 is an out-of-bounds read vulnerability in libwebp versions before 1.0.1, allowing attackers to read sensitive memory data or cause denial-of-service. It affects systems using libwebp fo...

CVE-2021-3466

CRITICAL CVSS 9.8 Mar 25, 2021

CVE-2021-3466 is a buffer overflow vulnerability in libmicrohttpd's post_process_urlencoded function due to missing bounds checking. This allows remote attackers to write arbitrary data to memory, pot...

CVE-2021-20231

CRITICAL CVSS 9.8 Mar 12, 2021

CVE-2021-20231 is a critical use-after-free vulnerability in GnuTLS that occurs when a client sends a key_share extension, potentially leading to memory corruption. Attackers could exploit this t...

CVE-2020-27846

CRITICAL CVSS 9.8 Dec 21, 2020

CVE-2020-27846 is a signature verification vulnerability in the crewjam/saml library that allows attackers to bypass SAML authentication. This affects any application using vulnerable versions of this...

CVE-2026-26103

HIGH CVSS 7.1 Feb 25, 2026

A local privilege escalation vulnerability in udisks allows unprivileged users to trigger the root-owned daemon to overwrite LUKS encryption headers. This permanently destroys encryption keys, renderi...

CVE-2025-9784

HIGH CVSS 7.5 Sep 2, 2025

This vulnerability in Undertow allows malicious clients to send malformed requests that trigger server-side stream resets without incrementing abuse counters. This 'MadeYouReset' attack enables denial...

CVE-2025-7424

HIGH CVSS 7.5 Jul 10, 2025

A type confusion vulnerability in libxslt's psvi memory field allows attackers to crash applications or corrupt memory during XML transformations. This affects any software using vulnerable libxslt ve...

CVE-2025-5318

HIGH CVSS 8.1 Jun 24, 2025

This vulnerability in libssh allows an authenticated remote attacker to trigger an out-of-bounds read in the sftp_handle function, potentially exposing sensitive memory contents or affecting service b...

CVE-2025-6021

HIGH CVSS 7.5 Jun 12, 2025

This CVE describes an integer overflow vulnerability in libxml2's xmlBuildQName function that can cause stack-based buffer overflow when processing malicious XML input. This vulnerability affects any ...

CVE-2025-5914

HIGH CVSS 7.8 Jun 9, 2025

This CVE describes an integer overflow vulnerability in libarchive's RAR handling function that leads to a double-free condition. Attackers can exploit this to execute arbitrary code or cause denial-o...

CVE-2025-46397

HIGH CVSS 7.8 Apr 23, 2025

A buffer overflow vulnerability in xfig's bezier_spline function allows local attackers to execute arbitrary code by manipulating input. This affects systems running vulnerable versions of xfig, prima...

CVE-2025-3155

HIGH CVSS 7.4 Apr 3, 2025

CVE-2025-3155 is a vulnerability in Yelp (the GNOME help application) that allows malicious help documents to execute arbitrary scripts. This could enable attackers to exfiltrate user files to externa...

CVE-2025-2784

HIGH CVSS 7.0 Apr 3, 2025

CVE-2025-2784 is a heap buffer over-read vulnerability in libsoup's skip_insight_whitespace() function. When processing a malicious HTTP response, libsoup clients can read one byte beyond allocated me...

CVE-2025-0678

HIGH CVSS 7.8 Mar 3, 2025

A heap-based buffer overflow vulnerability in grub2's squash4 filesystem module allows attackers to execute arbitrary code by crafting malicious filesystems. This affects systems using grub2 with squa...

CVE-2024-45782

HIGH CVSS 7.8 Mar 3, 2025

This vulnerability in the HFS filesystem driver allows attackers to trigger a heap-based buffer overflow by providing a specially crafted volume name. This could lead to arbitrary code execution in GR...

CVE-2025-26600

HIGH CVSS 7.8 Feb 25, 2025

A use-after-free vulnerability in X.Org and Xwayland allows attackers to potentially execute arbitrary code or cause denial of service when a device is removed while frozen. This affects systems using...

CVE-2025-26601

HIGH CVSS 7.8 Feb 25, 2025

A use-after-free vulnerability in X.Org and Xwayland allows attackers to potentially execute arbitrary code or cause denial of service. This affects systems using X11 display servers or Wayland compos...

CVE-2025-26599

HIGH CVSS 7.8 Feb 25, 2025

This CVE describes an uninitialized pointer vulnerability in X.Org and Xwayland display servers. When compCheckRedirect() fails to allocate a backing pixmap, compRedirectWindow() returns a BadAlloc er...

CVE-2025-26594

HIGH CVSS 7.8 Feb 25, 2025

A use-after-free vulnerability in X.Org and Xwayland allows attackers to potentially crash the X server or execute arbitrary code by freeing the root cursor. This affects systems running X.Org Server ...

CVE-2025-26595

HIGH CVSS 7.8 Feb 25, 2025

A stack-based buffer overflow vulnerability in X.Org and Xwayland allows attackers to execute arbitrary code or cause denial of service. This affects systems using X Window System or Wayland with Xway...

CVE-2025-26596

HIGH CVSS 7.8 Feb 25, 2025

A heap buffer overflow vulnerability in X.Org and Xwayland allows attackers to write beyond allocated memory boundaries. This affects systems using X11 display servers or Xwayland for Wayland compatib...

CVE-2025-26597

HIGH CVSS 7.8 Feb 25, 2025

A buffer overflow vulnerability in X.Org and Xwayland allows attackers to execute arbitrary code or cause denial of service by exploiting improper memory handling in keyboard symbol table resizing. Th...

CVE-2025-26598

HIGH CVSS 7.8 Feb 25, 2025

This CVE describes an out-of-bounds write vulnerability in X.Org and Xwayland where the GetBarrierDevice() function incorrectly returns the last element of a device list instead of NULL when no matchi...

CVE-2024-12085

HIGH CVSS 7.5 Jan 14, 2025

This vulnerability in rsync allows attackers to leak uninitialized stack memory one byte at a time by manipulating checksum length during file comparison. It affects systems using vulnerable rsync ver...

CVE-2024-9675

HIGH CVSS 7.8 Oct 9, 2024

This vulnerability in Buildah allows attackers to bypass path validation in cache mounts, enabling arbitrary host directory access during container builds. Users running Buildah with untrusted Contain...

CVE-2024-44070

HIGH CVSS 7.5 Aug 19, 2024

A buffer overflow vulnerability exists in FRRouting (FRR) BGP daemon where bgp_attr_encap function fails to validate stream length before processing TLV values. This allows attackers to cause denial o...

CVE-2024-3056

HIGH CVSS 7.7 Aug 2, 2024

This vulnerability in Podman allows attackers to create malicious containers that exhaust system memory through IPC resource exhaustion. When containers share IPC namespaces, a malicious container can...

CVE-2024-6239

HIGH CVSS 7.5 Jun 21, 2024

A vulnerability in Poppler's Pdfinfo utility allows attackers to cause denial of service by crashing the application when using the -dests parameter with specially crafted PDF files. This affects syst...

CVE-2024-3183

HIGH CVSS 8.1 Jun 12, 2024

This FreeIPA vulnerability allows attackers who compromise a principal to obtain encrypted Kerberos tickets and salts, enabling offline brute-force attacks to recover passwords. It affects FreeIPA dep...

CVE-2023-3758

HIGH CVSS 7.1 Apr 18, 2024

A race condition in SSSD (System Security Services Daemon) causes inconsistent application of Group Policy Object (GPO) policies for authenticated users. This can lead to improper authorization decisi...

CVE-2024-2002

HIGH CVSS 7.5 Mar 18, 2024

A double-free vulnerability in libdwarf allows memory corruption when processing specially crafted DWARF debugging information files. This could lead to denial of service, arbitrary code execution, or...

CVE-2024-1488

HIGH CVSS 8.0 Feb 15, 2024

This CVE allows any local process to modify Unbound DNS resolver's runtime configuration via port 8953 due to incorrect default permissions. Attackers can alter DNS forwarders to intercept or disrupt ...

CVE-2023-50387

HIGH CVSS 7.5 Feb 14, 2024

CVE-2023-50387 (KeyTrap) is a DNSSEC protocol vulnerability that allows remote attackers to cause denial of service by exhausting CPU resources through specially crafted DNSSEC responses. The vulnerab...

CVE-2024-0229

HIGH CVSS 7.8 Feb 9, 2024

This vulnerability in the X.Org server allows out-of-bounds memory access when a frozen device is reattached to a different master device. It can lead to application crashes, local privilege escalatio...

CVE-2023-50781

HIGH CVSS 7.5 Feb 5, 2024

This vulnerability in m2crypto allows attackers to decrypt TLS communications that use RSA key exchanges, potentially exposing sensitive data transmitted over encrypted channels. It affects TLS server...

CVE-2023-6531

HIGH CVSS 7.0 Jan 21, 2024

A use-after-free vulnerability in the Linux kernel's Unix domain socket garbage collector allows local attackers to potentially escalate privileges or cause denial of service. The race condition occur...

CVE-2024-0409

HIGH CVSS 7.8 Jan 18, 2024

This vulnerability in X.Org server's cursor code allows memory corruption by using incorrect private types in Xephyr and Xwayland, potentially leading to privilege escalation or denial of service. It ...

CVE-2024-0646

HIGH CVSS 7.0 Jan 17, 2024

This CVE describes an out-of-bounds memory write vulnerability in the Linux kernel's TLS implementation when using splice() with ktls sockets. A local attacker can exploit this to crash the system or ...

CVE-2024-0562

HIGH CVSS 7.8 Jan 15, 2024

A use-after-free vulnerability in the Linux kernel's writeback subsystem allows attackers to potentially crash the system or execute arbitrary code with kernel privileges. This affects Linux systems w...

CVE-2024-0193

HIGH CVSS 7.8 Jan 2, 2024

A use-after-free vulnerability in the Linux kernel's netfilter subsystem allows local unprivileged users with CAP_NET_ADMIN capability to escalate privileges. This flaw occurs when the catchall elemen...

CVE-2023-51767

HIGH CVSS 7.0 Dec 24, 2023

This CVE describes a potential row hammer attack vulnerability in OpenSSH that could allow authentication bypass. An attacker with physical access to the same hardware could flip bits in memory to byp...

CVE-2023-6546

HIGH CVSS 7.0 Dec 21, 2023

This CVE describes a race condition vulnerability in the Linux kernel's GSM 0710 tty multiplexor. It allows a local unprivileged user to trigger a use-after-free condition, potentially leading to priv...

CVE-2023-47038

HIGH CVSS 7.0 Dec 18, 2023

This vulnerability in Perl allows an attacker to trigger a heap buffer overflow by providing a malicious regular expression. Systems running affected Perl versions (5.30.0 through 5.38.0) that process...

CVE-2023-5869

HIGH CVSS 8.8 Dec 10, 2023

CVE-2023-5869 is a vulnerability in PostgreSQL that allows authenticated database users to execute arbitrary code on the server through an integer overflow when modifying SQL arrays. Attackers can write ar...

CVE-2025-14512

MEDIUM CVSS 6.5 Dec 11, 2025

This vulnerability in GLib's GIO component allows heap buffer overflow and denial-of-service via integer overflow when processing malicious file attributes. Systems using GLib for file operations or r...

CVE-2025-14087

MEDIUM CVSS 5.6 Dec 10, 2025

A buffer-underflow vulnerability in GLib's GVariant parser allows remote attackers to cause heap corruption by sending maliciously crafted input strings. This can lead to denial of service or potentia...

CVE-2025-32990

MEDIUM CVSS 6.5 Jul 10, 2025

This CVE describes a heap-buffer-overflow vulnerability in GnuTLS's certtool utility when parsing template files. An attacker can trigger memory corruption leading to denial-of-service (system crash)....

CVE-2025-32989

MEDIUM CVSS 5.3 Jul 10, 2025

A heap-buffer-overread vulnerability in GnuTLS allows attackers to create malicious certificates with malformed Certificate Transparency extensions that leak sensitive information during certificate v...

CVE-2025-5372

MEDIUM CVSS 5.0 Jul 4, 2025

A vulnerability in libssh versions built with OpenSSL <3.0 causes the ssh_kdf() function to incorrectly report successful key derivation when it actually fails. This leads to uninitialized cryptograph...

CVE-2025-4598

MEDIUM CVSS 4.7 May 30, 2025

This vulnerability in systemd-coredump allows attackers to exploit a race condition to access privileged process coredumps. By forcing a SUID process to crash and replacing it before systemd-coredump ...

CVE-2025-46399

MEDIUM CVSS 5.5 Apr 23, 2025

A NULL pointer dereference vulnerability exists in fig2dev's genge_itp_spline function, allowing local attackers to cause denial of service through input manipulation. This affects systems running vul...

CVE-2024-45778

MEDIUM CVSS 4.1 Mar 3, 2025

A stack overflow vulnerability in GRUB2's BFS filesystem parser allows an attacker to crash the bootloader by providing a specially crafted BFS filesystem. This affects systems using GRUB2 with BFS su...

CVE-2024-45777

MEDIUM CVSS 6.7 Feb 19, 2025

This vulnerability in grub2 allows attackers to trigger an out-of-bounds write when processing language files, potentially overwriting sensitive heap data. This could lead to bypassing secure boot pro...

CVE-2025-26465

MEDIUM CVSS 6.8 Feb 18, 2025

This OpenSSH vulnerability allows machine-in-the-middle attacks when VerifyHostKeyDNS is enabled. Attackers can impersonate legitimate servers by exploiting error code mishandling during host key veri...

CVE-2024-12086

MEDIUM CVSS 6.1 Jan 14, 2025

This rsync vulnerability allows a malicious server to read arbitrary files from a client's machine during file transfer operations. Attackers can reconstruct file contents byte-by-byte by sending spec...

CVE-2024-12088

MEDIUM CVSS 6.5 Jan 14, 2025

A path traversal vulnerability in rsync's --safe-links option allows attackers to write files outside intended directories when the client fails to properly verify nested symbolic links from the serve...

CVE-2024-49394

MEDIUM CVSS 5.3 Nov 12, 2024

This vulnerability in mutt and neomutt email clients allows attackers to reuse signed but unencrypted email messages by manipulating the In-Reply-To header, enabling sender impersonation. It affects u...

CVE-2024-9676

MEDIUM CVSS 6.5 Oct 15, 2024

A symlink traversal vulnerability in the containers/storage library used by Podman, Buildah, and CRI-O allows malicious container images to cause denial of service via OOM kill. Attackers can exploit ...

CVE-2024-9341

MEDIUM CVSS 5.4 Oct 1, 2024

This vulnerability in Go's containers/common library allows attackers to exploit symbolic links when FIPS mode is enabled, potentially mounting sensitive host directories inside containers. This bypas...

CVE-2024-8354

MEDIUM CVSS 5.5 Sep 19, 2024

A vulnerability in QEMU's USB endpoint handling allows unprivileged guest users to trigger an assertion failure, crashing the QEMU process on the host. This causes a denial of service affecting any ho...

CVE-2024-45619

MEDIUM CVSS 4.3 Sep 3, 2024

A buffer handling vulnerability in OpenSC and related components allows attackers to access uninitialized memory via crafted USB devices or smart cards. This could lead to information disclosure or sy...

CVE-2024-6237

MEDIUM CVSS 6.5 Jul 9, 2024

CVE-2024-6237 is a denial-of-service vulnerability in 389 Directory Server where an unauthenticated attacker can crash the server by sending a specific extended search request. This affects organizati...

CVE-2024-6505

MEDIUM CVSS 6.8 Jul 5, 2024

A heap overflow vulnerability in QEMU's virtio-net device allows privileged guest users to crash the host QEMU process by manipulating RSS indirections_table values. This affects virtualization enviro...

CVE-2024-5742

MEDIUM CVSS 6.7 Jun 12, 2024

This vulnerability in GNU Nano allows local privilege escalation through insecure temporary file handling. When Nano is killed during editing, it creates an emergency file with user permissions that a...

CVE-2024-3049

MEDIUM CVSS 5.9 Jun 6, 2024

This vulnerability in Booth cluster ticket manager allows an attacker to bypass HMAC validation by providing a specially-crafted hash to gcry_md_get_algo_dlen(). This could enable unauthorized access ...

CVE-2023-33951

MEDIUM CVSS 6.7 Jul 24, 2023

A race condition vulnerability in the Linux kernel's vmwgfx driver allows improper handling of GEM objects due to insufficient locking. This enables a local privileged user to leak kernel memory infor...

CVE-2023-1073

MEDIUM CVSS 6.6 Mar 27, 2023

A memory corruption vulnerability in the Linux kernel's HID subsystem allows local attackers to crash the system or potentially escalate privileges by inserting a malicious USB device. This affects Li...