Redhat: >> Enterprise Linux >> 6.0 Security Vulnerabilities
A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, and gain root privileges.
CVSS Score
7.8
EPSS Score
0.002
Published
2023-07-11
A heap buffer overflow vulnerability was found in sox, in the lsx_readbuf function at sox/src/formats_i.c:98:16. This flaw can lead to a denial of service, code execution, or information disclosure.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-07-10
A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service.
CVSS Score
6.2
EPSS Score
0.0
Published
2023-07-10
A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service.
CVSS Score
6.2
EPSS Score
0.001
Published
2023-07-10
A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. This flaw can lead to a denial of service, code execution, or information disclosure.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-07-10
CVE-2023-32373
A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Known exploited
CVSS Score
8.8
EPSS Score
0.0
Published
2023-06-23
A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.
CVSS Score
3.3
EPSS Score
0.0
Published
2023-06-06
A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546).
CVSS Score
5.5
EPSS Score
0.001
Published
2023-05-30
A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured.
CVSS Score
9.8
EPSS Score
0.689
Published
2023-05-30
A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding.
CVSS Score
7.8
EPSS Score
0.009
Published
2023-05-30