Vulnerabilities > Redhat > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-04 | CVE-2024-7012 | Improper Authentication vulnerability in Redhat Satellite 6.13/6.14/6.15 An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. | 9.8 |
| 2024-09-04 | CVE-2024-7923 | Improper Authentication vulnerability in Redhat Satellite 6.13/6.14/6.15 An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. | 9.8 |
| 2024-02-14 | CVE-2024-1485 | Path Traversal vulnerability in multiple products A flaw was found in the decompression function of registry-support. | 9.3 |
| 2024-01-18 | CVE-2023-6816 | Out-of-bounds Write vulnerability in multiple products A flaw was found in X.Org server. | 9.8 |
| 2023-12-09 | CVE-2023-6394 | Missing Authorization vulnerability in multiple products A flaw was found in Quarkus. | 9.1 |
| 2023-11-03 | CVE-2023-3961 | Path Traversal vulnerability in multiple products A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. | 9.8 |
| 2023-09-22 | CVE-2022-4039 | Incorrect Default Permissions vulnerability in Redhat products A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. | 9.8 |
| 2023-09-22 | CVE-2022-3874 | OS Command Injection vulnerability in multiple products A command injection flaw was found in foreman. | 9.1 |
| 2023-09-20 | CVE-2023-0118 | OS Command Injection vulnerability in multiple products An arbitrary code execution flaw was found in Foreman. | 9.1 |
| 2023-09-20 | CVE-2023-0462 | Code Injection vulnerability in multiple products An arbitrary code execution flaw was found in Foreman. | 9.1 |