Redhat Enterprise Linux Server Update Services For Sap Solutions — known CVE vulnerabilities
Every CVE whose affected-product data names Redhat Enterprise Linux Server Update Services For Sap Solutions, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (43)
CVE-2015-5165 — CVSS 9.3 (critical): The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers…
CVE-2021-3656 — CVSS 8.8 (high): A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine…
CVE-2021-44142 — CVSS 8.8 (high): The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and…
CVE-2022-1227 — CVSS 8.8 (high): A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this…
CVE-2022-0435 — CVSS 8.8 (high): A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content…
CVE-2022-2601 — CVSS 8.6 (high): A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the…
CVE-2020-25717 — CVSS 8.1 (high): A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible…
CVE-2022-1011 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user…
CVE-2023-3899 — CVSS 7.8 (high): A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus…
CVE-2023-0494 — CVSS 7.8 (high): A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by…
CVE-2021-3551 — CVSS 7.8 (high): A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log…
CVE-2023-3972 — CVSS 7.8 (high): A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of…
CVE-2022-0330 — CVSS 7.8 (high): A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code…
CVE-2022-0516 — CVSS 7.8 (high): A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw…
CVE-2020-9490 — CVSS 7.5 (high): Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a…
CVE-2022-27649 — CVSS 7.5 (high): A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby…
CVE-2019-19906 — CVSS 7.5 (high): cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a…
CVE-2020-25719 — CVSS 7.2 (high): A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD…
CVE-2021-3609 — CVSS 7.0 (high): .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to…
CVE-2015-3214 — CVSS 6.9 (medium): The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write…
CVE-2022-24807 — CVSS 6.5 (medium): net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET…
CVE-2020-14301 — CVSS 6.5 (medium): An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were…
CVE-2021-3733 — CVSS 6.5 (medium): There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as…
CVE-2022-24805 — CVSS 6.5 (medium): net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the…
CVE-2022-24806 — CVSS 6.5 (medium): net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write…
CVE-2022-24808 — CVSS 6.5 (medium): net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write…
CVE-2022-24809 — CVSS 6.5 (medium): net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only…
CVE-2023-5455 — CVSS 6.5 (medium): A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an…
CVE-2016-2124 — CVSS 5.9 (medium): A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent…
CVE-2024-3049 — CVSS 5.9 (medium): A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an…
CVE-2021-3672 — CVSS 5.6 (medium): A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to…
CVE-2021-3744 — CVSS 5.5 (medium): A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows…
CVE-2019-6454 — CVSS 5.5 (medium): An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack…
CVE-2017-15129 — CVSS 4.7 (medium): A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function…
CVE-2019-15718 — CVSS 4.4 (medium): In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system…
CVE-2018-16866 — CVSS 3.3 (low): An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local…