U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 641 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity
CVE-2023-38252

An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.

Published: July 14, 2023; 2:15:10 PM -0400
V4.0:(not available)
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-3269

A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, and gain root privileges.

Published: July 11, 2023; 8:15:10 AM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-34432

A heap buffer overflow vulnerability was found in sox, in the lsx_readbuf function at sox/src/formats_i.c:98:16. This flaw can lead to a denial of service, code execution, or information disclosure.

Published: July 10, 2023; 5:15:10 PM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-34318

A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. This flaw can lead to a denial of service, code execution, or information disclosure.

Published: July 10, 2023; 2:15:10 PM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-32627

A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service.

Published: July 10, 2023; 2:15:10 PM -0400
V4.0:(not available)
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-26590

A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service.

Published: July 10, 2023; 2:15:10 PM -0400
V4.0:(not available)
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-32373

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Published: June 23, 2023; 2:15:12 PM -0400
V4.0:(not available)
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-2602

A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.

Published: June 06, 2023; 4:15:12 PM -0400
V4.0:(not available)
V3.1: 3.3 LOW
V2.0:(not available)
CVE-2023-34153

A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding.

Published: May 30, 2023; 6:15:11 PM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-34152

A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured.

Published: May 30, 2023; 6:15:11 PM -0400
V4.0:(not available)
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2023-34151

A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546).

Published: May 30, 2023; 6:15:11 PM -0400
V4.0:(not available)
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-1981

A vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus call, causing the avahi daemon to crash.

Published: May 26, 2023; 2:15:11 PM -0400
V4.0:(not available)
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-2513

A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.

Published: May 08, 2023; 5:15:11 PM -0400
V4.0:(not available)
V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2021-3923

A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.

Published: March 27, 2023; 5:15:09 PM -0400
V4.0:(not available)
V3.1: 2.3 LOW
V2.0:(not available)
CVE-2022-4285

An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.

Published: January 27, 2023; 1:15:15 PM -0500
V4.0:(not available)
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-4283

A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.

Published: December 14, 2022; 4:15:14 PM -0500
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-46344

A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIChangeProperty request has a length-validation issues, resulting in out-of-bounds memory reads and potential information disclosure. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.

Published: December 14, 2022; 4:15:13 PM -0500
V4.0:(not available)
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-46343

A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.

Published: December 14, 2022; 4:15:13 PM -0500
V4.0:(not available)
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-46342

A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X se

Published: December 14, 2022; 4:15:13 PM -0500
V4.0:(not available)
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-46341

A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.

Published: December 14, 2022; 4:15:13 PM -0500
V4.0:(not available)
V3.1: 8.8 HIGH
V2.0:(not available)