Vulnerabilities > Redhat

DATE CVE VULNERABILITY TITLE RISK
2024-01-16 CVE-2024-0553 Information Exposure Through Discrepancy vulnerability in multiple products
A vulnerability was found in GnuTLS.
network
low complexity
gnu fedoraproject redhat CWE-203
7.5
7.5
2024-01-15 CVE-2024-0562 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux Kernel.
local
low complexity
linux redhat CWE-416
7.8
7.8
2024-01-15 CVE-2023-4001 Authentication Bypass by Spoofing vulnerability in multiple products
An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature.
low complexity
gnu redhat fedoraproject CWE-290
6.8
6.8
2024-01-15 CVE-2023-6915 NULL Pointer Dereference vulnerability in multiple products
A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel.
local
low complexity
linux redhat CWE-476
5.5
5.5
2024-01-12 CVE-2024-23301 Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. 5.5
5.5
2024-01-12 CVE-2023-6683 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages.
network
low complexity
qemu redhat CWE-476
6.5
6.5
2024-01-12 CVE-2024-0443 Exposure of Resource to Wrong Sphere vulnerability in multiple products
A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem.
local
low complexity
linux redhat fedoraproject CWE-668
5.5
5.5
2024-01-10 CVE-2023-5455 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA.
network
low complexity
freeipa fedoraproject redhat CWE-352
6.5
6.5
2024-01-09 CVE-2023-6476 Allocation of Resources Without Limits or Throttling vulnerability in Redhat Openshift Container Platform 3.11/4.13/4.14
A flaw was found in CRI-O that involves an experimental annotation leading to a container being unconfined.
network
low complexity
redhat CWE-770
7.5
7.5
2024-01-08 CVE-2021-3600 Out-of-bounds Write vulnerability in multiple products
It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations.
local
low complexity
linux canonical fedoraproject redhat CWE-787
7.8
7.8