Vulnerabilities > Redhat > Software Collections > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-12-10 CVE-2023-5868 A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments.
network
low complexity
postgresql redhat
4.3
2023-12-10 CVE-2023-5870 A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher.
network
high complexity
postgresql redhat
4.4
2023-11-02 CVE-2022-4900 Out-of-bounds Write vulnerability in multiple products
A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.
local
low complexity
php redhat CWE-787
5.5
2023-06-09 CVE-2023-2455 Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles.
network
low complexity
postgresql redhat fedoraproject
5.4
2023-03-23 CVE-2023-0056 Resource Exhaustion vulnerability in multiple products
An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service.
network
low complexity
haproxy redhat fedoraproject CWE-400
6.5
2022-08-24 CVE-2021-4189 Unchecked Return Value vulnerability in multiple products
A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode.
network
low complexity
python debian redhat netapp CWE-252
5.3
2022-03-02 CVE-2021-3677 A flaw was found in postgresql.
network
low complexity
postgresql redhat fedoraproject
6.5
2021-10-04 CVE-2021-32672 Out-of-bounds Read vulnerability in multiple products
Redis is an open source, in-memory database that persists on disk.
4.3
2021-05-20 CVE-2021-3426 Path Traversal vulnerability in multiple products
There's a flaw in Python 3's pydoc.
5.7
2021-04-01 CVE-2021-3393 An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11.
network
low complexity
postgresql redhat
4.3