Vulnerabilities > Redhat > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-12 | CVE-2023-6710 | Cross-site Scripting vulnerability in multiple products A flaw was found in the mod_proxy_cluster in the Apache server. | 5.4 |
| 2023-12-12 | CVE-2023-4958 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Redhat Advanced Cluster Security 3.0/4.0 In Red Hat Advanced Cluster Security (RHACS), it was found that some security related HTTP headers were missing, allowing an attacker to exploit this with a clickjacking attack. | 6.1 |
| 2023-12-11 | CVE-2023-6679 | NULL Pointer Dereference vulnerability in multiple products A null pointer dereference vulnerability was found in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c in the Digital Phase Locked Loop (DPLL) subsystem in the Linux kernel. | 5.5 |
| 2023-12-10 | CVE-2023-5868 | A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. | 4.3 |
| 2023-12-10 | CVE-2023-5870 | A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. | 4.4 |
| 2023-12-08 | CVE-2023-6622 | NULL Pointer Dereference vulnerability in multiple products A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. | 5.5 |
| 2023-12-06 | CVE-2023-6393 | Unspecified vulnerability in Redhat Build of Quarkus A flaw was found in the Quarkus Cache Runtime. | 5.3 |
| 2023-11-28 | CVE-2023-5981 | Information Exposure Through Discrepancy vulnerability in multiple products A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. | 5.9 |
| 2023-11-27 | CVE-2023-5871 | Reachable Assertion vulnerability in Redhat Enterprise Linux and Libnbd A flaw was found in libnbd, due to a malicious Network Block Device (NBD), a protocol for accessing Block Devices such as hard disks over a Network. | 5.3 |
| 2023-11-16 | CVE-2023-6176 | NULL Pointer Dereference vulnerability in multiple products A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. | 4.7 |