Latest redhat enterprise linux for scientific computing Vulnerabilities

Xorg-x11-server: selinux context corruption
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.14
ubuntu/xorg-server<2:21.1.4-2ubuntu1.7~22.04.7
ubuntu/xorg-server<2:21.1.7-1ubuntu3.6
ubuntu/xorg-server<2:21.1.7-3ubuntu2.6
ubuntu/xorg-server<2:21.1.11-1ubuntu1
and 25 more
Xorg-x11-server: selinux unlabeled glx pbuffer
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.14
ubuntu/xorg-server<2:21.1.4-2ubuntu1.7~22.04.7
ubuntu/xorg-server<2:21.1.7-1ubuntu3.6
ubuntu/xorg-server<2:21.1.7-3ubuntu2.6
ubuntu/xorg-server<2:21.1.11-1ubuntu1
and 26 more
Postgresql: buffer overrun from integer overflow in array modification
PostgreSQL PostgreSQL>=11.0<11.22
PostgreSQL PostgreSQL>=12.0<12.17
PostgreSQL PostgreSQL>=13.0<13.13
PostgreSQL PostgreSQL>=14.0<14.10
PostgreSQL PostgreSQL>=15.0<15.5
PostgreSQL PostgreSQL=16.0
and 66 more
Xorg-x11-server: out-of-bounds write in xichangedeviceproperty/rrchangeoutputproperty
debian/xorg-server<=2:1.20.4-1+deb10u4<=2:1.20.11-1+deb11u6
debian/xwayland<=2:22.1.9-1
ubuntu/xorg-server<2:1.15.1-0ubuntu2.11+
ubuntu/xorg-server<2:1.18.4-0ubuntu0.12+
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<21.1.9
and 31 more
Ipa: invalid csrf protection
Freeipa Freeipa<4.6.10
Freeipa Freeipa>=4.7.0<4.9.14
Freeipa Freeipa>=4.10.0<4.10.3
Freeipa Freeipa=4.11.0
Freeipa Freeipa=4.11.0-beta1
Fedoraproject Fedora=38
and 54 more
Insights-client: unsafe handling of temporary files and directories
redhat/insights-client<3.2.2
<3.2.2
=7.0
=8.0
=9.0
=8.6
and 46 more
Subscription-manager: inadequate authorization of com.redhat.rhsm1 d-bus interface allows local users to modify configuration
Redhat Subscription-manager<1.28.39
Redhat Subscription-manager>=1.29.0<1.29.37
Fedoraproject Fedora=37
Fedoraproject Fedora=38
Redhat Enterprise Linux Update Services For Sap Solutions=8.1
Redhat Enterprise Linux Update Services For Sap Solutions=8.2
and 60 more
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write i...
redhat/xorg-server<21.1.7
X.Org X Server<21.1.7
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=8.1
and 30 more
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
Fedoraproject Sssd>=1.15.3<2.3.1
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Desktop=7.0
Redhat Enterprise Linux For Ibm Z Systems=7.0
Redhat Enterprise Linux For Power Big Endian=7.0
Redhat Enterprise Linux For Power Little Endian=7.0
and 9 more
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions...
Samba Samba<4.13.17
Samba Samba>=4.14.0<4.14.12
Samba Samba>=4.15.0<4.15.5
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Canonical Ubuntu Linux=14.04
and 36 more
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly,...
Port389 389-ds-base<1.3.10.2
Redhat Enterprise Linux Desktop=7
Redhat Enterprise Linux For Ibm Z Systems=7.0
Redhat Enterprise Linux For Power Big Endian=7.0
Redhat Enterprise Linux For Power Little Endian=7.0
Redhat Enterprise Linux For Scientific Computing=7.0
and 2 more
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system ...
redhat/kernel-rt<0:3.10.0-1160.59.1.rt56.1200.el7
redhat/kernel<0:3.10.0-1160.59.1.el7
redhat/kernel<0:3.10.0-514.99.1.el7
redhat/kernel<0:3.10.0-693.99.1.el7
redhat/kernel<0:3.10.0-957.92.1.el7
redhat/kernel<0:3.10.0-1062.63.1.el7
and 269 more
Red Hat Polkit Out-of-Bounds Read and Write Vulnerability
redhat/polkit<0:0.96-11.el6_10.2
redhat/polkit<0:0.112-26.el7_9.1
redhat/polkit<0:0.112-12.el7_3.1
redhat/polkit<0:0.112-12.el7_4.2
redhat/polkit<0:0.112-18.el7_6.3
redhat/polkit<0:0.112-22.el7_7.2
and 64 more
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents i...
Samba Samba>=4.0.0<4.13.14
Samba Samba>=4.14.0<4.14.10
Samba Samba>=4.15.0<4.15.2
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=33
and 38 more
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.
Samba Samba>=3.0.0<4.13.14
Samba Samba>=4.14.0<4.14.10
Samba Samba>=4.15.0<4.15.2
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=33
and 59 more
A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.
Samba Samba>=3.0.0<4.13.14
Samba Samba>=4.14.0<4.14.10
Samba Samba>=4.15.0<4.15.2
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=33
and 57 more
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nes...
redhat/kernel-rt<0:3.10.0-1160.45.1.rt56.1185.el7
redhat/kernel<0:3.10.0-1160.45.1.el7
redhat/kernel<0:3.10.0-957.84.1.el7
redhat/kernel<0:3.10.0-1062.59.1.el7
redhat/kernel-rt<0:4.18.0-305.25.1.rt7.97.el8_4
redhat/kernel<0:4.18.0-305.25.1.el8_4
and 241 more
WebKitGTK Memory Corruption Vulnerability
redhat/webkitgtk<2.26.0
WebKitGTK WebKitGTK<2.26.0
Wpewebkit Wpe Webkit<2.26.0
Redhat Codeready Linux Builder=8.0
Redhat Codeready Linux Builder Eus=8.4
and 37 more
Incorrect security UI in interstitials in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to disable extensions via a crafted HTML page.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
Incorrect security UI in printing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Microsoft Windows
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
and 10 more
Insufficient policy enforcement in navigation in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Google Android
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
and 10 more
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Apple iPhone OS
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
and 10 more
Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Google Chrome<79.0.3945.79
Google Android
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 10 more
Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML pa...
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Redhat Enterprise Linux Desktop=6.0
and 9 more
Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
Incorrect security UI in external protocol handling in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof security UI via a crafted HTML page.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 7 more
Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Apple iPhone OS
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
and 10 more
Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
Insufficient policy enforcement in cookies in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
redhat/chromium-browser<79.0.3945.79
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 9 more
An out of bounds read flaw was found in the SQLite component of the Chromium browser. Upstream bug(s): <a href="https://code.google.com/p/chromium/issues/detail?id=1025470">https://code.google.com/p...
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Redhat Enterprise Linux Desktop=6.0
and 31 more
An uninitialized use flaw was found in the SQLite component of the Chromium browser. Upstream bug(s): <a href="https://code.google.com/p/chromium/issues/detail?id=1025465">https://code.google.com/p/...
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Redhat Enterprise Linux Desktop=6.0
and 31 more
An insufficient data validation flaw was found in the SQLite component of the Chromium browser. Upstream bug(s): <a href="https://code.google.com/p/chromium/issues/detail?id=1025464">https://code.go...
Google Chrome<79.0.3945.79
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Redhat Enterprise Linux Desktop=6.0
and 31 more

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203