Vulnerabilities > Redhat > High

DATE CVE VULNERABILITY TITLE RISK
2023-10-04 CVE-2023-1832 Incorrect Authorization vulnerability in multiple products
An improper access control flaw was found in Candlepin.
network
low complexity
candlepinproject redhat CWE-863
8.1
2023-10-04 CVE-2023-3361 Cleartext Transmission of Sensitive Information vulnerability in multiple products
A flaw was found in Red Hat OpenShift Data Science.
network
low complexity
opendatahub redhat CWE-319
7.5
2023-10-04 CVE-2023-2422 Improper Certificate Validation vulnerability in Redhat products
A flaw was found in Keycloak.
network
low complexity
redhat CWE-295
7.1
2023-10-04 CVE-2023-4586 Improper Certificate Validation vulnerability in multiple products
A vulnerability was found in the Hot Rod client.
network
high complexity
redhat infinispan CWE-295
7.4
2023-10-03 CVE-2023-4911 Out-of-bounds Write vulnerability in multiple products
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable.
7.8
2023-09-30 CVE-2023-44488 Improper Handling of Exceptional Conditions vulnerability in multiple products
VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.
network
low complexity
webmproject redhat debian fedoraproject CWE-755
7.5
2023-09-28 CVE-2023-5217 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8
2023-09-27 CVE-2023-5157 A vulnerability was found in MariaDB.
network
low complexity
mariadb fedoraproject redhat
7.5
2023-09-27 CVE-2023-3223 Unspecified vulnerability in Redhat products
A flaw was found in undertow.
network
low complexity
redhat
7.5
2023-09-27 CVE-2023-0456 Missing Authorization vulnerability in Redhat Apicast 2.0.0
A flaw was found in APICast, when 3Scale's OIDC module does not properly evaluate the response to a mismatched token from a separate realm.
network
low complexity
redhat CWE-862
7.5