Vulnerabilities > Redhat > Enterprise Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-12 | CVE-2023-6710 | Cross-site Scripting vulnerability in multiple products A flaw was found in the mod_proxy_cluster in the Apache server. | 5.4 |
2023-12-11 | CVE-2023-6679 | NULL Pointer Dereference vulnerability in multiple products A null pointer dereference vulnerability was found in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c in the Digital Phase Locked Loop (DPLL) subsystem in the Linux kernel. | 5.5 |
2023-12-10 | CVE-2023-5868 | A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. | 4.3 |
2023-12-10 | CVE-2023-5870 | A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. | 4.4 |
2023-12-08 | CVE-2023-6622 | NULL Pointer Dereference vulnerability in multiple products A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. | 5.5 |
2023-11-27 | CVE-2023-5871 | Reachable Assertion vulnerability in Redhat Enterprise Linux and Libnbd A flaw was found in libnbd, due to a malicious Network Block Device (NBD), a protocol for accessing Block Devices such as hard disks over a Network. | 5.3 |
2023-11-16 | CVE-2023-6176 | NULL Pointer Dereference vulnerability in multiple products A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. | 4.7 |
2023-11-16 | CVE-2023-6121 | Out-of-bounds Read vulnerability in Redhat Enterprise Linux An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. | 4.3 |
2023-11-09 | CVE-2023-39198 | Use After Free vulnerability in multiple products A race condition was found in the QXL driver in the Linux kernel. | 6.4 |
2023-11-09 | CVE-2023-5544 | Authorization Bypass Through User-Controlled Key vulnerability in multiple products Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk. | 5.4 |