Vulnerabilities > Redhat
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-30 | CVE-2023-44488 | Improper Handling of Exceptional Conditions vulnerability in multiple products VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. | 7.5 |
2023-09-28 | CVE-2023-5217 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity webmproject microsoft mozilla fedoraproject debian apple google redhat CWE-787 | 8.8 |
2023-09-28 | CVE-2023-42756 | Race Condition vulnerability in multiple products A flaw was found in the Netfilter subsystem of the Linux kernel. | 4.7 |
2023-09-28 | CVE-2023-5215 | Unchecked Return Value vulnerability in Redhat Enterprise Linux and Libnbd A flaw was found in libnbd. | 6.5 |
2023-09-27 | CVE-2023-4066 | Cleartext Storage of Sensitive Information vulnerability in Redhat products A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security-properties-prop-module, defined in ActivemqArtemisSecurity CR; however, they are shown in plaintext in the StatefulSet details yaml of AMQ Broker. | 5.5 |
2023-09-27 | CVE-2023-4065 | Incorrect Default Permissions vulnerability in Redhat products A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in ActiveMQArtemisAddress CR, shown in plain text in the Operator Log. | 5.5 |
2023-09-27 | CVE-2023-5157 | A vulnerability was found in MariaDB. | 7.5 |
2023-09-27 | CVE-2023-3223 | Unspecified vulnerability in Redhat products A flaw was found in undertow. | 7.5 |
2023-09-27 | CVE-2023-0456 | Missing Authorization vulnerability in Redhat Apicast 2.0.0 A flaw was found in APICast, when 3Scale's OIDC module does not properly evaluate the response to a mismatched token from a separate realm. | 7.5 |
2023-09-27 | CVE-2023-0833 | Information Exposure Through an Error Message vulnerability in multiple products A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an information disclosure flaw via an exception triggered by a header containing an illegal value. | 5.5 |