Redhat Enterprise_linux_update_services_for_sap_solutions
25 CVEs affecting Redhat Enterprise_linux_update_services_for_sap_solutions. Latest disclosed: 2025-04-03. Critical: 1, High: 13.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-40438 | Critical | 9.0 | 2021-09-16 | A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4… |
CVE-2024-3183 | High | 8.1 | 2024-06-12 | A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session… |
CVE-2024-9675 | High | 7.8 | 2024-10-09 | A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a… |
CVE-2024-0229 | High | 7.8 | 2024-02-09 | An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different… |
CVE-2023-3972 | High | 7.8 | 2023-11-01 | A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and director… |
CVE-2023-4911 | High | 7.8 | 2023-10-03 | A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a… |
CVE-2023-3899 | High | 7.8 | 2023-08-23 | A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1… |
CVE-2019-0211 | High | 7.8 | 2019-04-08 | In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including… |
CVE-2025-1756 | High | 7.5 | 2025-02-27 | mongosh may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated pr… |
CVE-2025-1755 | High | 7.5 | 2025-02-27 | MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with ele… |
CVE-2024-12085 | High | 7.5 | 2025-01-14 | A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length… |
CVE-2025-3155 | High | 7.4 | 2025-04-03 | A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to i… |
CVE-2023-3758 | High | 7.1 | 2024-04-18 | A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issue… |
CVE-2025-2784 | High | 7.0 | 2025-04-03 | A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup cli… |
CVE-2020-14355 | Medium | 6.6 | 2020-10-07 | Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPIC… |
CVE-2024-12088 | Medium | 6.5 | 2025-01-14 | A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server… |
CVE-2024-12087 | Medium | 6.5 | 2025-01-14 | A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client option… |
CVE-2022-24809 | Medium | 6.5 | 2024-04-16 | net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malform… |
CVE-2022-24808 | Medium | 6.5 | 2024-04-16 | net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malfor… |
CVE-2022-24807 | Medium | 6.5 | 2024-04-16 | net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET request to `SNMP-VIEW-BASE… |