Vulnerabilities > Redhat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-02 | CVE-2024-0193 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. | 6.7 |
| 2024-01-02 | CVE-2023-6693 | Out-of-bounds Write vulnerability in multiple products A stack based buffer overflow was found in the virtio-net device of QEMU. | 5.3 |
| 2023-12-27 | CVE-2023-3171 | Allocation of Resources Without Limits or Throttling vulnerability in Redhat Jboss Enterprise Application Platform 7.4 A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. | 7.5 |
| 2023-12-27 | CVE-2023-4641 | Improper Authentication vulnerability in multiple products A flaw was found in shadow-utils. | 5.5 |
| 2023-12-24 | CVE-2023-51767 | OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. | 7.0 |
| 2023-12-24 | CVE-2023-51765 | Insufficient Verification of Data Authenticity vulnerability in multiple products sendmail through 8.17.2 allows SMTP smuggling in certain configurations. | 5.3 |
| 2023-12-24 | CVE-2023-51764 | Insufficient Verification of Data Authenticity vulnerability in multiple products Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). | 5.3 |
| 2023-12-21 | CVE-2023-6546 | Race Condition vulnerability in multiple products A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. | 7.0 |
| 2023-12-21 | CVE-2023-2585 | Unspecified vulnerability in Redhat products Keycloak's device authorization grant does not correctly validate the device code and client ID. | 8.1 |
| 2023-12-19 | CVE-2023-6918 | Unchecked Return Value vulnerability in multiple products A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. | 5.3 |