Vulnerabilities > Redhat > Enterprise Linux

DATE CVE VULNERABILITY TITLE RISK
2024-01-16 CVE-2024-0232 Use After Free vulnerability in multiple products
A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c.
local
low complexity
sqlite redhat fedoraproject CWE-416
5.5
5.5
2024-01-16 CVE-2024-0553 Information Exposure Through Discrepancy vulnerability in multiple products
A vulnerability was found in GnuTLS.
network
low complexity
gnu fedoraproject redhat CWE-203
7.5
7.5
2024-01-15 CVE-2024-0562 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux Kernel.
local
low complexity
linux redhat CWE-416
7.8
7.8
2024-01-15 CVE-2023-4001 Authentication Bypass by Spoofing vulnerability in multiple products
An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature.
low complexity
gnu redhat fedoraproject CWE-290
6.8
6.8
2024-01-15 CVE-2023-6915 NULL Pointer Dereference vulnerability in multiple products
A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel.
local
low complexity
linux redhat CWE-476
5.5
5.5
2024-01-12 CVE-2024-23301 Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. 5.5
5.5
2024-01-12 CVE-2023-6683 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages.
network
low complexity
qemu redhat CWE-476
6.5
6.5
2024-01-12 CVE-2024-0443 Exposure of Resource to Wrong Sphere vulnerability in multiple products
A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem.
local
low complexity
linux redhat fedoraproject CWE-668
5.5
5.5
2024-01-10 CVE-2023-5455 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA.
network
low complexity
freeipa fedoraproject redhat CWE-352
6.5
6.5
2024-01-08 CVE-2021-3600 Out-of-bounds Write vulnerability in multiple products
It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations.
local
low complexity
linux canonical fedoraproject redhat CWE-787
7.8
7.8