Redhat Enterprise Linux For Power Big Endian — known CVE vulnerabilities
Every CVE whose affected-product data names Redhat Enterprise Linux For Power Big Endian, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2015-5165 — CVSS 9.3 (critical): The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers…
CVE-2023-5869 — CVSS 8.8 (high): A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during…
CVE-2021-44142 — CVSS 8.8 (high): The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and…
CVE-2021-3656 — CVSS 8.8 (high): A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine…
CVE-2016-2818 — CVSS 8.8 (high): Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote…
CVE-2020-25717 — CVSS 8.1 (high): A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible…
CVE-2016-9675 — CVSS 7.8 (high): openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to…
CVE-2022-0330 — CVSS 7.8 (high): A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code…
CVE-2023-0494 — CVSS 7.8 (high): A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by…
CVE-2023-3899 — CVSS 7.8 (high): A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus…
CVE-2023-3972 — CVSS 7.8 (high): A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of…
CVE-2023-5367 — CVSS 7.8 (high): A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when…
CVE-2024-0409 — CVSS 7.8 (high): A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the…
CVE-2018-16881 — CVSS 7.5 (high): A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the…
CVE-2012-2665 — CVSS 7.5 (high): Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before…
CVE-2015-3405 — CVSS 7.5 (high): ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian…
CVE-2021-4091 — CVSS 7.5 (high): A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series…
CVE-2006-5170 — CVSS 7.5 (high): pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error…
CVE-2020-25719 — CVSS 7.2 (high): A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD…
CVE-2015-3214 — CVSS 6.9 (medium): The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write…
CVE-2019-6470 — CVSS 6.5 (medium): There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also…
CVE-2023-5455 — CVSS 6.5 (medium): A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an…
CVE-2016-2124 — CVSS 5.9 (medium): A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent…
CVE-2024-0408 — CVSS 5.5 (medium): A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When…
CVE-2019-7317 — CVSS 5.3 (medium): png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
CVE-2007-6283 — CVSS 4.9 (medium): Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to…
CVE-2017-15129 — CVSS 4.7 (medium): A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function…
CVE-2018-16866 — CVSS 3.3 (low): An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local…
CVE-2012-1717 — CVSS 2.1 (low): Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and…