Vulnerabilities > Redhat > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-12-18 CVE-2023-5236 A flaw was found in Infinispan, which does not detect circular object references when unmarshalling.
network
low complexity
redhat infinispan
6.5
2023-12-14 CVE-2023-6134 Cross-site Scripting vulnerability in Redhat products
A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token.
network
low complexity
redhat CWE-79
5.4
2023-12-12 CVE-2023-6710 Cross-site Scripting vulnerability in multiple products
A flaw was found in the mod_proxy_cluster in the Apache server.
network
low complexity
redhat modcluster CWE-79
5.4
2023-12-12 CVE-2023-4958 Unspecified vulnerability in Redhat Advanced Cluster Security 3.0/4.0
In Red Hat Advanced Cluster Security (RHACS), it was found that some security related HTTP headers were missing, allowing an attacker to exploit this with a clickjacking attack.
network
low complexity
redhat
6.1
2023-12-11 CVE-2023-6679 NULL Pointer Dereference vulnerability in multiple products
A null pointer dereference vulnerability was found in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c in the Digital Phase Locked Loop (DPLL) subsystem in the Linux kernel.
local
low complexity
linux fedoraproject redhat CWE-476
5.5
2023-12-10 CVE-2023-5868 A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments.
network
low complexity
postgresql redhat
4.3
2023-12-10 CVE-2023-5870 A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher.
network
high complexity
postgresql redhat
4.4
2023-12-08 CVE-2023-6622 NULL Pointer Dereference vulnerability in multiple products
A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel.
local
low complexity
linux redhat CWE-476
5.5
2023-12-06 CVE-2023-6393 Unspecified vulnerability in Redhat Build of Quarkus
A flaw was found in the Quarkus Cache Runtime.
network
high complexity
redhat
5.3
2023-11-28 CVE-2023-5981 Information Exposure Through Discrepancy vulnerability in multiple products
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.
network
high complexity
gnu redhat fedoraproject CWE-203
5.9