Redhat: Security Vulnerabilities
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer handler, where improper privilege management can lead to escalation of privileges and information disclosure.
CVSS Score
4.7
EPSS Score
0.0
Published
2023-04-01
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious user in a guest VM can cause a NULL-pointer dereference, which may lead to denial of service.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-04-01
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where improper restriction of operations within the bounds of a memory buffer can lead to denial of service, information disclosure, and data tampering.
CVSS Score
6.6
EPSS Score
0.001
Published
2023-04-01
NVIDIA GPU Display Driver for Linux contains a vulnerability in a kernel mode layer handler, which may lead to denial of service or information disclosure.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-04-01
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in a kernel mode layer handler, where memory permissions are not correctly checked, which may lead to denial of service and data tampering.
CVSS Score
7.1
EPSS Score
0.0
Published
2023-04-01
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer where an out-of-bounds write can lead to denial of service and data tampering.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-04-01
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where sign conversion issuescasting an unsigned primitive to signed may lead to denial of service or information disclosure.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-04-01
A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.
CVSS Score
5.4
EPSS Score
0.008
Published
2023-03-29
A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This issue occurs because an attacker can repeat a keyword, which is mishandled when arithmetic ADD is used instead of bitwise OR. This could lead to local privilege escalation to root.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-03-29
A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem.
CVSS Score
7.1
EPSS Score
0.0
Published
2023-03-29