Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
15548 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-46665 | 3 Fedoraproject, Mariadb, Redhat | 4 Fedora, Mariadb, Enterprise Linux and 1 more | 2024-11-21 | 5.5 Medium |
| MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations. | ||||
| CVE-2021-46664 | 3 Fedoraproject, Mariadb, Redhat | 4 Fedora, Mariadb, Enterprise Linux and 1 more | 2024-11-21 | 5.5 Medium |
| MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr. | ||||
| CVE-2021-46663 | 3 Fedoraproject, Mariadb, Redhat | 4 Fedora, Mariadb, Enterprise Linux and 1 more | 2024-11-21 | 5.5 Medium |
| MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements. | ||||
| CVE-2021-46662 | 2 Mariadb, Redhat | 4 Mariadb, Enterprise Linux, Rhel Eus and 1 more | 2024-11-21 | 5.5 Medium |
| MariaDB through 10.5.9 allows a set_var.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery. | ||||
| CVE-2021-46661 | 3 Fedoraproject, Mariadb, Redhat | 4 Fedora, Mariadb, Enterprise Linux and 1 more | 2024-11-21 | 5.5 Medium |
| MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE). | ||||
| CVE-2021-46659 | 3 Fedoraproject, Mariadb, Redhat | 4 Fedora, Mariadb, Enterprise Linux and 1 more | 2024-11-21 | 5.5 Medium |
| MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW. | ||||
| CVE-2021-46658 | 2 Mariadb, Redhat | 4 Mariadb, Enterprise Linux, Rhel Eus and 1 more | 2024-11-21 | 5.5 Medium |
| save_window_function_values in MariaDB before 10.6.3 allows an application crash because of incorrect handling of with_window_func=true for a subquery. | ||||
| CVE-2021-46657 | 2 Mariadb, Redhat | 4 Mariadb, Enterprise Linux, Rhel Eus and 1 more | 2024-11-21 | 5.5 Medium |
| get_sort_by_table in MariaDB before 10.6.2 allows an application crash via certain subquery uses of ORDER BY. | ||||
| CVE-2021-46195 | 2 Gnu, Redhat | 2 Gcc, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources. | ||||
| CVE-2021-45930 | 4 Debian, Fedoraproject, Qt and 1 more | 4 Debian Linux, Fedora, Qtsvg and 1 more | 2024-11-21 | 5.5 Medium |
| Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect). | ||||
| CVE-2021-45486 | 3 Linux, Oracle, Redhat | 6 Linux Kernel, Communications Cloud Native Core Binding Support Function, Communications Cloud Native Core Network Exposure Function and 3 more | 2024-11-21 | 3.5 Low |
| In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small. | ||||
| CVE-2021-45485 | 4 Linux, Netapp, Oracle and 1 more | 46 Linux Kernel, Aff A400, Aff A400 Firmware and 43 more | 2024-11-21 | 7.5 High |
| In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses. | ||||
| CVE-2021-45483 | 2 Redhat, Webkitgtk | 3 Enterprise Linux, Rhel Els, Webkitgtk | 2024-11-21 | 6.5 Medium |
| In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889. | ||||
| CVE-2021-45482 | 2 Redhat, Webkitgtk | 3 Enterprise Linux, Rhel Els, Webkitgtk | 2024-11-21 | 6.5 Medium |
| In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889. | ||||
| CVE-2021-45481 | 2 Redhat, Webkitgtk | 3 Enterprise Linux, Rhel Els, Webkitgtk | 2024-11-21 | 6.5 Medium |
| In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889. | ||||
| CVE-2021-45444 | 5 Apple, Debian, Fedoraproject and 2 more | 6 Mac Os X, Macos, Debian Linux and 3 more | 2024-11-21 | 7.8 High |
| In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion. | ||||
| CVE-2021-45417 | 5 Advanced Intrusion Detection Environment Project, Canonical, Debian and 2 more | 11 Advanced Intrusion Detection Environment, Ubuntu Linux, Debian Linux and 8 more | 2024-11-21 | 7.8 High |
| AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow. | ||||
| CVE-2021-45078 | 5 Debian, Fedoraproject, Gnu and 2 more | 5 Debian Linux, Fedora, Binutils and 2 more | 2024-11-21 | 7.8 High |
| stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699. | ||||
| CVE-2021-44964 | 2 Lua, Redhat | 3 Lua, Enterprise Linux, Rhel Eus | 2024-11-21 | 6.3 Medium |
| Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file. | ||||
| CVE-2021-44906 | 2 Redhat, Substack | 12 Enterprise Linux, Jboss Enterprise Application Platform, Jboss Enterprise Application Platform Eus and 9 more | 2024-11-21 | 9.8 Critical |
| Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95). | ||||