Vulnerabilities > Redhat > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-18 | CVE-2023-5236 | A flaw was found in Infinispan, which does not detect circular object references when unmarshalling. | 6.5 |
2023-12-14 | CVE-2023-6134 | Cross-site Scripting vulnerability in Redhat products A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. | 5.4 |
2023-12-12 | CVE-2023-6710 | Cross-site Scripting vulnerability in multiple products A flaw was found in the mod_proxy_cluster in the Apache server. | 5.4 |
2023-12-12 | CVE-2023-4958 | Unspecified vulnerability in Redhat Advanced Cluster Security 3.0/4.0 In Red Hat Advanced Cluster Security (RHACS), it was found that some security related HTTP headers were missing, allowing an attacker to exploit this with a clickjacking attack. | 6.1 |
2023-12-11 | CVE-2023-6679 | NULL Pointer Dereference vulnerability in multiple products A null pointer dereference vulnerability was found in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c in the Digital Phase Locked Loop (DPLL) subsystem in the Linux kernel. | 5.5 |
2023-12-10 | CVE-2023-5868 | A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. | 4.3 |
2023-12-10 | CVE-2023-5870 | A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. | 4.4 |
2023-12-08 | CVE-2023-6622 | NULL Pointer Dereference vulnerability in multiple products A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. | 5.5 |
2023-12-06 | CVE-2023-6393 | Unspecified vulnerability in Redhat Build of Quarkus A flaw was found in the Quarkus Cache Runtime. | 5.3 |
2023-11-28 | CVE-2023-5981 | Information Exposure Through Discrepancy vulnerability in multiple products A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. | 5.9 |