Vulnerabilities > Redhat > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-01-29 CVE-2023-40546 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in Shim when an error happened while creating a new ESL variable.
local
low complexity
redhat fedoraproject CWE-476
5.5
2024-01-29 CVE-2023-40549 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary.
local
low complexity
redhat fedoraproject CWE-125
5.5
2024-01-29 CVE-2023-40550 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information.
local
low complexity
redhat fedoraproject CWE-125
5.5
2024-01-29 CVE-2023-40551 Out-of-bounds Read vulnerability in multiple products
A flaw was found in the MZ binary format in Shim.
local
low complexity
redhat fedoraproject CWE-125
5.1
2024-01-18 CVE-2024-0408 A flaw was found in the X.Org server.
local
low complexity
x-org tigervnc redhat fedoraproject
5.5
2024-01-18 CVE-2024-0607 A flaw was found in the Netfilter subsystem in the Linux kernel.
local
low complexity
linux fedoraproject redhat
6.6
2024-01-17 CVE-2024-0639 Improper Locking vulnerability in multiple products
A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem.
local
low complexity
linux redhat CWE-667
5.5
2024-01-17 CVE-2024-0641 Improper Locking vulnerability in multiple products
A denial of service vulnerability was found in tipc_crypto_key_revoke in net/tipc/crypto.c in the Linux kernel’s TIPC subsystem.
local
low complexity
linux redhat CWE-667
5.5
2024-01-16 CVE-2024-0232 Use After Free vulnerability in multiple products
A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c.
local
low complexity
sqlite redhat fedoraproject CWE-416
5.5
2024-01-15 CVE-2023-4001 Authentication Bypass by Spoofing vulnerability in multiple products
An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature.
low complexity
gnu redhat fedoraproject CWE-290
6.8