Vulnerabilities > Redhat > Enterprise Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-12-12 CVE-2023-6710 Cross-site Scripting vulnerability in multiple products
A flaw was found in the mod_proxy_cluster in the Apache server.
network
low complexity
redhat modcluster CWE-79
5.4
2023-12-11 CVE-2023-6679 NULL Pointer Dereference vulnerability in multiple products
A null pointer dereference vulnerability was found in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c in the Digital Phase Locked Loop (DPLL) subsystem in the Linux kernel.
local
low complexity
linux fedoraproject redhat CWE-476
5.5
2023-12-10 CVE-2023-5868 A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments.
network
low complexity
postgresql redhat
4.3
2023-12-10 CVE-2023-5870 A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher.
network
high complexity
postgresql redhat
4.4
2023-12-08 CVE-2023-6622 NULL Pointer Dereference vulnerability in multiple products
A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel.
local
low complexity
linux redhat CWE-476
5.5
2023-11-27 CVE-2023-5871 Reachable Assertion vulnerability in Redhat Enterprise Linux and Libnbd
A flaw was found in libnbd, due to a malicious Network Block Device (NBD), a protocol for accessing Block Devices such as hard disks over a Network.
network
low complexity
redhat CWE-617
5.3
2023-11-16 CVE-2023-6176 NULL Pointer Dereference vulnerability in multiple products
A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality.
local
high complexity
linux redhat CWE-476
4.7
2023-11-16 CVE-2023-6121 Out-of-bounds Read vulnerability in Redhat Enterprise Linux
An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel.
network
low complexity
redhat CWE-125
4.3
2023-11-09 CVE-2023-39198 Use After Free vulnerability in multiple products
A race condition was found in the QXL driver in the Linux kernel.
local
high complexity
linux fedoraproject redhat CWE-416
6.4
2023-11-09 CVE-2023-5544 Authorization Bypass Through User-Controlled Key vulnerability in multiple products
Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk.
network
low complexity
moodle redhat fedoraproject CWE-639
5.4