Vulnerabilities > Redhat > Enterprise Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-03 | CVE-2023-4091 | Incorrect Default Permissions vulnerability in multiple products A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". | 6.5 |
| 2023-11-02 | CVE-2022-4900 | Out-of-bounds Write vulnerability in multiple products A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow. | 5.5 |
| 2023-11-02 | CVE-2023-38473 | Reachable Assertion vulnerability in multiple products A vulnerability was found in Avahi. | 5.5 |
| 2023-11-02 | CVE-2023-38469 | Reachable Assertion vulnerability in multiple products A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record. | 5.5 |
| 2023-11-02 | CVE-2023-38470 | Reachable Assertion vulnerability in multiple products A vulnerability was found in Avahi. | 5.5 |
| 2023-11-02 | CVE-2023-38471 | Reachable Assertion vulnerability in multiple products A vulnerability was found in Avahi. | 5.5 |
| 2023-11-02 | CVE-2023-38472 | Reachable Assertion vulnerability in multiple products A vulnerability was found in Avahi. | 5.5 |
| 2023-11-02 | CVE-2023-3164 | Out-of-bounds Write vulnerability in multiple products A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. | 5.5 |
| 2023-11-01 | CVE-2023-1192 | Use After Free vulnerability in multiple products A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. | 6.5 |
| 2023-10-25 | CVE-2023-5380 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the xorg-x11-server. | 4.7 |