Redhat Enterprise Linux Tus — known CVE vulnerabilities
Every CVE whose affected-product data names Redhat Enterprise Linux Tus, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (24)
CVE-2017-15041 — CVSS 9.8 (critical): Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. Using custom domains, it is possible to arrange things so…
CVE-2019-9948 — CVSS 9.1 (critical): urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection…
CVE-2021-3570 — CVSS 8.8 (high): A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a…
CVE-2020-25717 — CVSS 8.1 (high): A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible…
CVE-2024-3183 — CVSS 8.1 (high): A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different…
CVE-2019-9506 — CVSS 8.1 (high): The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an…
CVE-2024-0229 — CVSS 7.8 (high): An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is…
CVE-2019-14816 — CVSS 7.8 (high): There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that…
CVE-2020-1045 — CVSS 7.5 (high): <p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p> <p>The ASP.NET Core…
CVE-2025-62230 — CVSS 7.3 (high): A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees…
CVE-2025-62231 — CVSS 7.3 (high): A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function…
CVE-2021-20316 — CVSS 6.8 (medium): A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or…
CVE-2020-14355 — CVSS 6.6 (medium): Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before…
CVE-2023-4527 — CVSS 6.5 (medium): A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with…
CVE-2020-14301 — CVSS 6.5 (medium): An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were…
CVE-2023-4806 — CVSS 5.9 (medium): A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed…
CVE-2016-2124 — CVSS 5.9 (medium): A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent…
CVE-2021-3672 — CVSS 5.6 (medium): A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to…
CVE-2018-16878 — CVSS 5.5 (medium): A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled…
CVE-2014-4341 — CVSS 5.0 (medium): MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by…
CVE-2020-2590 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are…