Vulnerabilities > Redhat

DATE CVE VULNERABILITY TITLE RISK
2023-11-09 CVE-2023-39198 Use After Free vulnerability in multiple products
A race condition was found in the QXL driver in the Linux kernel.
local
high complexity
linux fedoraproject redhat CWE-416
6.4
2023-11-09 CVE-2023-5544 Authorization Bypass Through User-Controlled Key vulnerability in multiple products
Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk.
network
low complexity
moodle redhat fedoraproject CWE-639
5.4
2023-11-09 CVE-2023-5546 Cross-site Scripting vulnerability in multiple products
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk.
network
low complexity
moodle redhat fedoraproject CWE-79
5.4
2023-11-09 CVE-2023-5547 Cross-site Scripting vulnerability in multiple products
The course upload preview contained an XSS risk for users uploading unsafe data.
network
low complexity
moodle redhat fedoraproject CWE-79
6.1
2023-11-08 CVE-2023-4061 Unspecified vulnerability in Redhat products
A flaw was found in wildfly-core.
network
low complexity
redhat
6.5
2023-11-07 CVE-2023-4956 Improper Restriction of Rendered UI Layers or Frames vulnerability in Redhat Quay 3.0.0
A flaw was found in Quay.
network
low complexity
redhat CWE-1021
4.3
2023-11-06 CVE-2023-40660 Improper Authentication vulnerability in multiple products
A flaw was found in OpenSC packages that allow a potential PIN bypass.
low complexity
opensc-project redhat CWE-287
6.6
2023-11-06 CVE-2023-40661 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards.
low complexity
opensc-project redhat CWE-119
6.4
2023-11-06 CVE-2023-4535 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption.
3.8
2023-11-06 CVE-2023-4910 Exposure of Resource to Wrong Sphere vulnerability in Redhat 3Scale API Management 2.0
A flaw was found In 3Scale Admin Portal.
local
low complexity
redhat CWE-668
5.5