Vulnerabilities > Redhat

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | TAGS | RISK |
|---|---|---|---|---|---|---|---|
| 2023-09-24 | CVE-2023-1636 | A vulnerability was found in OpenStack Barbican containers. | | network | low | openstack, redhat | 5.0 |
| 2023-09-23 | CVE-2022-3962 | A content spoofing vulnerability was found in Kiali. | | network | low | kiali, redhat | 4.3 |
| 2023-09-22 | CVE-2022-4039 | Incorrect Default Permissions vulnerability in Redhat products | A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. | network | low | redhat, CWE-276 | 9.8 (critical) |
| 2023-09-22 | CVE-2022-3874 | OS Command Injection vulnerability in multiple products | A command injection flaw was found in foreman. | network | low | redhat, theforeman, CWE-78 | 9.1 (critical) |
| 2023-09-20 | CVE-2022-3596 | Unspecified vulnerability in Redhat Openstack Platform 13.0 | An information leak was found in OpenStack's undercloud. | network | low | redhat | 7.5 |
| 2023-09-20 | CVE-2022-3916 | Insufficient Session Expiration vulnerability in Redhat products | A flaw was found in the offline_access scope in Keycloak. | network | high | redhat, CWE-613 | 6.8 |
| 2023-09-20 | CVE-2022-1438 | Cross-site Scripting vulnerability in Redhat Keycloak | A flaw was found in Keycloak. | network | low | redhat, CWE-79 | 4.8 |
| 2023-09-20 | CVE-2023-0118 | OS Command Injection vulnerability in multiple products | An arbitrary code execution flaw was found in Foreman. | network | low | theforeman, redhat, CWE-78 | 9.1 (critical) |
| 2023-09-20 | CVE-2023-0462 | Code Injection vulnerability in multiple products | An arbitrary code execution flaw was found in Foreman. | network | low | theforeman, redhat, CWE-94 | 9.1 (critical) |
| 2023-09-20 | CVE-2023-4853 | Incorrect Authorization vulnerability in multiple products | A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. | network | high | quarkus, redhat, CWE-863 | 8.1 |