Redhat: >> Enterprise Linux Security Vulnerabilities
A flaw was found in the FreeRDP used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL pointer dereference. Rebooting is required to recover the system.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-05-16
A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability.
CVSS Score
7.5
EPSS Score
0.013
Published
2025-04-29
A flaw was found in fig2dev. This vulnerability allows availability via local input manipulation via genge_itp_spline function.
CVSS Score
5.5
EPSS Score
0.001
Published
2025-04-23
In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via read_arcobject function.
CVSS Score
5.5
EPSS Score
0.001
Published
2025-04-23
A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spline function.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-04-23
In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation via read_objects function.
CVSS Score
5.5
EPSS Score
0.001
Published
2025-04-23
A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.
CVSS Score
7.4
EPSS Score
0.007
Published
2025-04-03
A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.
CVSS Score
7.0
EPSS Score
0.021
Published
2025-04-03
A flaw was found in gnuplot. The plot3d_points() function may lead to a segmentation fault and cause a system crash.
CVSS Score
6.2
EPSS Score
0.0
Published
2025-03-27
A flaw was found in gnuplot. The GetAnnotateString() function may lead to a segmentation fault and cause a system crash.
CVSS Score
6.2
EPSS Score
0.0
Published
2025-03-27