Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Enterprise linux'
2022-07-12
CVE-2022-2211
CWE-120
A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. This flaw leads to a denial of service, either by mistake or malicious actor.
2022-07-06
CVE-2021-3697
CWE-787
A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This vulnerability can lead to data corruption and eventual code execution or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12.
2022-06-21
CVE-2022-1665
NVD-CWE-Other
A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can be booted by the grub in Secure Boot mode even though it shouldn't. These kernel builds don't have the secure boot lockdown patches applied to it and can bypass the secure boot validations, allowing the attacker to load another non-trusted code.
2022-06-09
CVE-2022-1998
CWE-416
A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
2022-06-07
CVE-2022-1708
CWE-400
A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a manner where the entire file corresponding to the output of the command is read in. Thus, if the output of the command is large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the output of the command. The highest threat from this vulnerability is system availability.
2022-06-02
CVE-2022-1462
CWE-362
An out-of-bounds read flaw was found in the Linux kernel�??s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory.
CVE-2022-1652
CWE-416
Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
2022-05-18
CVE-2022-30597
NVD-CWE-Other
A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field.
CVE-2022-30598
NVD-CWE-noinfo
A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it.
CVE-2022-30599
CWE-89
A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria.
Copyright
2023
, cxsecurity.com
Back to Top
Vulnerabilities for 'Enterprise linux' 