Enterprise Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-27	CVE-2023-5871	Reachable Assertion vulnerability in Redhat Enterprise Linux and Libnbd A flaw was found in libnbd, due to a malicious Network Block Device (NBD), a protocol for accessing Block Devices such as hard disks over a Network. network low complexity redhat CWE-617	5.3
2023-11-16	CVE-2023-6176	NULL Pointer Dereference vulnerability in multiple products A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. local high complexity linux redhat CWE-476	4.7
2023-11-16	CVE-2023-6121	Out-of-bounds Read vulnerability in Redhat Enterprise Linux An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. network low complexity redhat CWE-125	4.3
2023-11-09	CVE-2023-39198	Use After Free vulnerability in multiple products A race condition was found in the QXL driver in the Linux kernel. local high complexity linux fedoraproject redhat CWE-416	6.4
2023-11-09	CVE-2023-5544	Authorization Bypass Through User-Controlled Key vulnerability in multiple products Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk. network low complexity moodle redhat fedoraproject CWE-639	5.4
2023-11-09	CVE-2023-5546	Cross-site Scripting vulnerability in multiple products ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. network low complexity moodle redhat fedoraproject CWE-79	5.4
2023-11-09	CVE-2023-5547	Cross-site Scripting vulnerability in multiple products The course upload preview contained an XSS risk for users uploading unsafe data. network low complexity moodle redhat fedoraproject CWE-79	6.1
2023-11-06	CVE-2023-40660	Improper Authentication vulnerability in multiple products A flaw was found in OpenSC packages that allow a potential PIN bypass. low complexity opensc-project redhat CWE-287	6.6
2023-11-06	CVE-2023-40661	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. low complexity opensc-project redhat CWE-119	6.4
2023-11-06	CVE-2023-4535	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. high complexity opensc-project redhat fedoraproject CWE-125	3.8