Vulnerabilities > Redhat > Enterprise Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-11-12 CVE-2024-49394 Improper Verification of Cryptographic Signature vulnerability in multiple products
In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender.
network
low complexity
neomutt mutt redhat CWE-347
5.3
2024-11-12 CVE-2024-49395 In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info.
network
low complexity
neomutt mutt redhat
5.3
2024-11-12 CVE-2024-49393 Improper Verification of Cryptographic Signature vulnerability in multiple products
In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality.
network
high complexity
neomutt mutt redhat CWE-347
5.9
2024-10-15 CVE-2024-9676 Unspecified vulnerability in Redhat products
A vulnerability was found in Podman, Buildah, and CRI-O.
network
low complexity
redhat
6.5
2024-09-03 CVE-2024-45619 Classic Buffer Overflow vulnerability in multiple products
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK.
low complexity
redhat opensc-project CWE-120
4.3
2024-07-09 CVE-2024-6237 Unspecified vulnerability in Redhat products
A flaw was found in the 389 Directory Server.
network
low complexity
redhat
6.5
2024-06-06 CVE-2024-3049 A flaw was found in Booth, a cluster ticket manager.
network
high complexity
clusterlabs redhat
5.9
2024-04-10 CVE-2024-3567 A flaw was found in QEMU.
local
low complexity
qemu redhat
5.5
2024-02-22 CVE-2023-52160 Improper Authentication vulnerability in multiple products
The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass.
network
low complexity
debian redhat fedoraproject w1-fi CWE-287
6.5
2024-02-12 CVE-2023-6681 A vulnerability was found in JWCrypto.
network
low complexity
latchset redhat fedoraproject
5.3