Vulnerabilities > Redhat

DATE CVE VULNERABILITY TITLE RISK
2023-12-08 CVE-2023-6610 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel.
local
low complexity
linux redhat CWE-125
7.1
7.1
2023-12-06 CVE-2023-6393 Unspecified vulnerability in Redhat Build of Quarkus
A flaw was found in the Quarkus Cache Runtime.
network
high complexity
redhat
5.3
5.3
2023-11-28 CVE-2023-5981 Information Exposure Through Discrepancy vulnerability in multiple products
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.
network
high complexity
gnu redhat fedoraproject CWE-203
5.9
5.9
2023-11-27 CVE-2023-5871 Reachable Assertion vulnerability in Redhat Enterprise Linux and Libnbd
A flaw was found in libnbd, due to a malicious Network Block Device (NBD), a protocol for accessing Block Devices such as hard disks over a Network.
network
low complexity
redhat CWE-617
5.3
5.3
2023-11-16 CVE-2023-6176 NULL Pointer Dereference vulnerability in multiple products
A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality.
local
high complexity
linux redhat CWE-476
4.7
4.7
2023-11-16 CVE-2023-6121 Out-of-bounds Read vulnerability in Redhat Enterprise Linux
An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel.
network
low complexity
redhat CWE-125
4.3
4.3
2023-11-14 CVE-2023-5189 Path Traversal vulnerability in Redhat Ansible Automation Platform and Satellite
A path traversal vulnerability exists in Ansible when extracting tarballs.
network
low complexity
redhat CWE-22
6.5
6.5
2023-11-09 CVE-2023-39198 Use After Free vulnerability in multiple products
A race condition was found in the QXL driver in the Linux kernel.
local
high complexity
linux fedoraproject redhat CWE-416
6.4
6.4
2023-11-09 CVE-2023-5544 Authorization Bypass Through User-Controlled Key vulnerability in multiple products
Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk.
network
low complexity
moodle redhat fedoraproject CWE-639
5.4
5.4
2023-11-09 CVE-2023-5546 Cross-site Scripting vulnerability in multiple products
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk.
network
low complexity
moodle redhat fedoraproject CWE-79
5.4
5.4