Vulnerabilities > Redhat

DATE CVE VULNERABILITY TITLE RISK
2024-01-12 CVE-2024-23301 Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. 5.5
2024-01-12 CVE-2023-6683 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages.
network
low complexity
qemu redhat CWE-476
6.5
2024-01-12 CVE-2024-0443 Exposure of Resource to Wrong Sphere vulnerability in multiple products
A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem.
local
low complexity
linux redhat fedoraproject CWE-668
5.5
2024-01-10 CVE-2023-5455 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA.
network
low complexity
freeipa fedoraproject redhat CWE-352
6.5
2024-01-09 CVE-2023-6476 Allocation of Resources Without Limits or Throttling vulnerability in Redhat Openshift Container Platform 3.11/4.13/4.14
A flaw was found in CRI-O that involves an experimental annotation leading to a container being unconfined.
network
low complexity
redhat CWE-770
7.5
2024-01-08 CVE-2021-3600 Out-of-bounds Write vulnerability in multiple products
It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations.
local
low complexity
linux canonical fedoraproject redhat CWE-787
7.8
2024-01-04 CVE-2023-6944 Information Exposure Through an Error Message vulnerability in multiple products
A flaw was found in the Red Hat Developer Hub (RHDH).
network
low complexity
redhat linuxfoundation CWE-209
5.7
2024-01-03 CVE-2023-6004 Injection vulnerability in multiple products
A flaw was found in libssh.
local
low complexity
libssh redhat fedoraproject CWE-74
4.8
2024-01-03 CVE-2024-0217 Use After Free vulnerability in multiple products
A use-after-free flaw was found in PackageKitd.
3.3
2024-01-02 CVE-2023-7192 Memory Leak vulnerability in multiple products
A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel.
local
low complexity
linux redhat CWE-401
4.4