Vulnerabilities > Redhat > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-11-06 CVE-2023-42669 A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements.
network
low complexity
samba redhat
6.5
6.5
2023-11-03 CVE-2023-46846 HTTP Request Smuggling vulnerability in multiple products
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.
network
low complexity
squid-cache redhat CWE-444
5.3
5.3
2023-11-03 CVE-2023-4091 Incorrect Default Permissions vulnerability in multiple products
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes".
network
low complexity
samba fedoraproject redhat CWE-276
6.5
6.5
2023-11-02 CVE-2022-4900 Out-of-bounds Write vulnerability in multiple products
A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.
local
low complexity
php redhat CWE-787
5.5
5.5
2023-11-02 CVE-2023-38473 Reachable Assertion vulnerability in multiple products
A vulnerability was found in Avahi.
local
low complexity
avahi redhat CWE-617
5.5
5.5
2023-11-02 CVE-2023-38469 Reachable Assertion vulnerability in multiple products
A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record.
local
low complexity
avahi redhat CWE-617
5.5
5.5
2023-11-02 CVE-2023-38470 Reachable Assertion vulnerability in multiple products
A vulnerability was found in Avahi.
local
low complexity
avahi redhat CWE-617
5.5
5.5
2023-11-02 CVE-2023-38471 Reachable Assertion vulnerability in multiple products
A vulnerability was found in Avahi.
local
low complexity
avahi redhat CWE-617
5.5
5.5
2023-11-02 CVE-2023-38472 Reachable Assertion vulnerability in multiple products
A vulnerability was found in Avahi.
local
low complexity
avahi redhat CWE-617
5.5
5.5
2023-11-02 CVE-2023-3164 Out-of-bounds Write vulnerability in multiple products
A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801.
local
low complexity
libtiff redhat CWE-787
5.5
5.5