High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-01	CVE-2023-3972	Exposure of Resource to Wrong Sphere vulnerability in Redhat products A vulnerability was found in insights-client. local low complexity redhat CWE-668	7.8
2023-11-01	CVE-2023-5625	Unspecified vulnerability in Redhat products A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products. network low complexity redhat	7.5
2023-10-25	CVE-2023-5367	Out-of-bounds Write vulnerability in multiple products A out-of-bounds write flaw was found in the xorg-x11-server. local low complexity x-org redhat fedoraproject debian CWE-787	7.8
2023-10-25	CVE-2023-5574	Use After Free vulnerability in multiple products A use-after-free flaw was found in xorg-x11-server-Xvfb. local high complexity x-org redhat CWE-416	7.0
2023-10-25	CVE-2023-4692	Out-of-bounds Write vulnerability in multiple products An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. local low complexity gnu redhat CWE-787	7.8
2023-10-23	CVE-2023-5633	Use After Free vulnerability in multiple products The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. local low complexity linux redhat CWE-416	7.8
2023-10-13	CVE-2023-5557	A flaw was found in the tracker-miners package. local high complexity gnome redhat	7.7
2023-10-10	CVE-2023-44487	Resource Exhaustion vulnerability in multiple products The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. network low complexity ietf nghttp2 netty envoyproxy eclipse caddyserver golang f5 apache apple grpc microsoft nodejs dena facebook amazon debian kazu-yamamoto istio varnish-cache-project traefik projectcontour linkerd linecorp redhat fedoraproject netapp akka konghq jenkins openresty cisco CWE-400	7.5
2023-10-10	CVE-2023-43787	Integer Overflow or Wraparound vulnerability in multiple products A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. local low complexity x-org redhat fedoraproject CWE-190	7.8
2023-10-05	CVE-2022-3248	Incorrect Authorization vulnerability in Redhat products A flaw was found in OpenShift API, as admission checks do not enforce "custom-host" permissions. network low complexity redhat CWE-863	7.5