| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-3628 | Infispan: rest bulk ops don't check permissions | Red Hat | Red Hat Data Grid 8.4.4 | Medium | 6.5 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-3629 | Infinispan: non-admins should not be able to get cache config via rest api | Red Hat | Red Hat Data Grid 8.4.4 | Medium | 4.3 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-4320 | Satellite: arithmetic overflow in satellite | Red Hat | Red Hat Satellite 6.15 for RHEL 8 | High | 7.6 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-47038 | Perl: write past buffer end via illegal user-defined unicode property | - | - | High | 7.0 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-5056 | Skupper-operator: privelege escalation via config map | Red Hat | Service Interconnect 1 for RHEL 9 | Medium | 6.8 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-5115 | Ansible: malicious role archive can cause ansible-galaxy to overwrite arbitrary files | Red Hat | Red Hat Ansible Automation Platform 2.3 for RHEL 8 | Medium | 6.3 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-5236 | Infinispan: circular reference on marshalling leads to dos | Red Hat | Red Hat Data Grid 8.4.4 | Medium | 4.4 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-6134 | Keycloak: reflected xss via wildcard in oidc redirect_uri | Red Hat | Red Hat build of Keycloak 22 | Medium | 4.6 | 2023-12-14 21:42:12 | Deep Dive |
| CVE-2023-6563 | Keycloak: offline session token dos | Red Hat | Red Hat Single Sign-On 7.6 for RHEL 7 | High | 7.7 | 2023-12-14 18:01:26 | Deep Dive |
| CVE-2023-6377 | Xorg-x11-server: out-of-bounds memory reads/writes in xkb button actions | Red Hat | Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION | High | 7.8 | 2023-12-13 06:27:41 | Deep Dive |
| CVE-2023-6478 | Xorg-x11-server: out-of-bounds memory read in rrchangeoutputproperty and rrchangeproviderproperty | Red Hat | Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION | High | 7.6 | 2023-12-13 06:27:41 | Deep Dive |
| CVE-2023-6710 | Mod_cluster/mod_proxy_cluster: stored cross site scripting | Red Hat | JBoss Core Services for RHEL 8 | Medium | 5.4 | 2023-12-12 22:01:34 | Deep Dive |
| CVE-2023-5764 | Ansible: template injection | Red Hat | Red Hat Ansible Automation Platform 2.4 for RHEL 8 | High | 7.1 | 2023-12-12 22:01:33 | Deep Dive |
| CVE-2023-5379 | Undertow: ajp request closes connection exceeding maxrequestsize | Red Hat | Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 | High | 7.5 | 2023-12-12 21:54:53 | Deep Dive |
| CVE-2023-4958 | Stackrox: missing http security headers allows for clickjacking in web ui | Red Hat | Red Hat Advanced Cluster Security 4.2 | Medium | 6.1 | 2023-12-12 10:02:34 | Deep Dive |
| CVE-2023-6679 | Kernel: null pointer dereference in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c | Red Hat | Red Hat Enterprise Linux 9 | Medium | 5.5 | 2023-12-11 18:31:29 | Deep Dive |
| CVE-2023-5870 | Postgresql: role pg_signal_backend can signal certain superuser processes. | Red Hat | Red Hat Advanced Cluster Security 4.2 | Low | 2.2 | 2023-12-10 17:58:30 | Deep Dive |
| CVE-2023-5868 | Postgresql: memory disclosure in aggregate function calls | Red Hat | Red Hat Advanced Cluster Security 4.2 | Medium | 4.3 | 2023-12-10 17:56:57 | Deep Dive |
| CVE-2023-5869 | Postgresql: buffer overrun from integer overflow in array modification | Red Hat | Red Hat Advanced Cluster Security 4.2 | High | 8.8 | 2023-12-10 17:56:57 | Deep Dive |
| CVE-2023-6394 | Quarkus: graphql operations over websockets bypass | Red Hat | Red Hat build of Quarkus 2.13.9.Final | High | 7.4 | 2023-12-09 01:26:53 | Deep Dive |