Vulnerabilities > Redhat

DATE CVE VULNERABILITY TITLE RISK
2023-09-18 CVE-2023-4527 Out-of-bounds Read vulnerability in multiple products
A flaw was found in glibc.
network
high complexity
gnu redhat fedoraproject netapp CWE-125
6.5
2023-09-18 CVE-2023-4806 Use After Free vulnerability in multiple products
A flaw was found in glibc.
network
high complexity
gnu redhat fedoraproject CWE-416
5.9
2023-09-15 CVE-2022-3261 Cleartext Transmission of Sensitive Information vulnerability in Redhat Openstack Platform 16.2
A flaw was found in OpenStack.
network
low complexity
redhat CWE-319
7.5
2023-09-15 CVE-2023-0813 Improper Authentication vulnerability in Redhat Network Observability 1.0
A flaw was found in the Network Observability plugin for OpenShift console.
network
low complexity
redhat CWE-287
7.5
2023-09-15 CVE-2023-0923 Missing Authorization vulnerability in Redhat Openshift Data Science
A flaw was found in the Kubernetes service for notebooks in RHODS, where it does not prevent pods from other namespaces and applications from making requests to the Jupyter API.
network
low complexity
redhat CWE-862
critical
9.8
2023-09-15 CVE-2022-3466 Incorrect Default Permissions vulnerability in multiple products
The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4.11.6 via RHBA-2022:6316, RHBA-2022:6257, and RHBA-2022:6658, respectively, included an incorrect version of cri-o missing the fix for CVE-2022-27652, which was previously fixed in OCP 4.9.41 and 4.10.12 via RHBA-2022:5433 and RHSA-2022:1600.
local
low complexity
kubernetes redhat CWE-276
5.3
2023-09-15 CVE-2023-4959 Cross-Site Request Forgery (CSRF) vulnerability in Redhat Quay 3.0.0
A flaw was found in Quay.
network
low complexity
redhat CWE-352
6.5
2023-09-14 CVE-2023-1108 Infinite Loop vulnerability in multiple products
A flaw was found in undertow.
network
low complexity
redhat netapp CWE-835
7.5
2023-09-13 CVE-2023-2680 Use After Free vulnerability in multiple products
This CVE exists because of an incomplete fix for CVE-2021-3750.
local
low complexity
qemu redhat CWE-416
8.2
2023-09-13 CVE-2023-3255 Infinite Loop vulnerability in multiple products
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages.
network
low complexity
qemu redhat fedoraproject CWE-835
6.5