Vulnerabilities > Redhat > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-08 | CVE-2023-6610 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. | 7.1 |
2023-11-03 | CVE-2023-5088 | Improper Synchronization vulnerability in multiple products A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead (potentially overwriting the VM's boot code). | 7.0 |
2023-11-03 | CVE-2023-1476 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code. | 7.0 |
2023-11-03 | CVE-2023-46847 | Classic Buffer Overflow vulnerability in multiple products Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication. | 7.5 |
2023-11-03 | CVE-2023-46848 | Incorrect Conversion between Numeric Types vulnerability in multiple products Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input. | 7.5 |
2023-11-03 | CVE-2023-5824 | Improper Handling of Exceptional Conditions vulnerability in multiple products A flaw was found in Squid. | 7.5 |
2023-11-02 | CVE-2023-5408 | Unspecified vulnerability in Redhat Openshift Container Platform A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. | 7.2 |
2023-11-01 | CVE-2023-5178 | Use After Free vulnerability in multiple products A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. | 8.8 |
2023-11-01 | CVE-2023-3972 | Exposure of Resource to Wrong Sphere vulnerability in Redhat products A vulnerability was found in insights-client. | 7.8 |
2023-11-01 | CVE-2023-5625 | Resource Exhaustion vulnerability in Redhat products A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products. | 7.5 |