High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-06	CVE-2023-4503	Improper Initialization vulnerability in Redhat products An improper initialization vulnerability was found in Galleon. network low complexity redhat CWE-665	7.5
2024-02-05	CVE-2023-50781	Information Exposure Through Discrepancy vulnerability in multiple products A flaw was found in m2crypto. network low complexity redhat m2crypto-project CWE-203	7.5
2024-02-05	CVE-2023-50782	Information Exposure Through Discrepancy vulnerability in multiple products A flaw was found in the python-cryptography package. network low complexity redhat cryptography-io couchbase CWE-203	7.5
2024-01-31	CVE-2024-1086	Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660. local low complexity linux fedoraproject redhat debian netapp CWE-416	7.8
2024-01-29	CVE-2023-40548	Integer Overflow or Wraparound vulnerability in multiple products A buffer overflow was found in Shim in the 32-bit system. local high complexity redhat fedoraproject CWE-190	7.4
2024-01-28	CVE-2024-0841	NULL Pointer Dereference vulnerability in multiple products A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. local low complexity linux redhat CWE-476	7.8
2024-01-26	CVE-2023-6291	Open Redirect vulnerability in Redhat products A flaw was found in the redirect_uri validation logic in Keycloak. network low complexity redhat CWE-601	7.1
2024-01-25	CVE-2023-52355	Out-of-bounds Write vulnerability in multiple products An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. network low complexity libtiff redhat CWE-787	7.5
2024-01-25	CVE-2023-52356	Out-of-bounds Write vulnerability in multiple products A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. network low complexity libtiff redhat CWE-787	7.5
2024-01-25	CVE-2023-40547	Out-of-bounds Write vulnerability in Redhat Enterprise Linux and Shim A remote code execution vulnerability was found in Shim. high complexity redhat CWE-787	8.3