Red Hat Enterprise Linux Server for Power Little Endian Update Services for SAP Solutions 8.8

CPE Details

Red Hat Enterprise Linux Server for Power Little Endian Update Services for SAP Solutions 8.8
redhat
enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
8.8
2023-08-30
13h51 +00:00
2023-09-06
15h03 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*

Informations

Vendor

redhat

Product

enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions

Version

8.8

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-1062 2024-02-12 13h04 +00:00 A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.
5.5
Moyen
CVE-2023-3972 2023-11-01 15h54 +00:00 A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local user or attacker could create the /var/tmp/insights-client directory (owning the directory with read, write, and execute permissions) on the system. After the insights-client is registered by root, an attacker could then control the directory content that insights are using by putting malicious scripts into it and executing arbitrary code as root (trivially bypassing SELinux protections because insights processes are allowed to disable SELinux system-wide).
7.8
Haute
CVE-2023-5633 2023-10-23 21h58 +00:00 The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.
7.8
Haute
CVE-2023-3899 2023-08-23 10h49 +00:00 A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.redhat.RHSM1.Config.SetAll() method, a low-privileged local user could tamper with the state of the registration, by unregistering the system or by changing the current entitlements. This flaw allows an attacker to set arbitrary configuration directives for /etc/rhsm/rhsm.conf, which can be abused to cause a local privilege escalation to an unconfined root.
7.8
Haute