| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-7008 | Systemd-resolved: unsigned name response in signed zone is not refused when dnssec=yes | Red Hat | Red Hat Enterprise Linux 8 | Medium | 5.9 | 2023-12-23 13:00:51 | Deep Dive |
| CVE-2023-7042 | Kernel: null pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() | Red Hat | Red Hat Enterprise Linux 6 | Medium | 4.4 | 2023-12-21 20:02:16 | Deep Dive |
| CVE-2023-6546 | Kernel: gsm multiplexing race condition leads to privilege escalation | Red Hat | Red Hat Enterprise Linux 8 | High | 7.0 | 2023-12-21 20:01:03 | Deep Dive |
| CVE-2023-2585 | Keycloak: client access via device auth request spoof | Red Hat | Red Hat Single Sign-On 7 | Low | 3.5 | 2023-12-21 09:24:17 | Deep Dive |
| CVE-2023-6918 | Libssh: missing checks for return values for digests | Red Hat | Red Hat Enterprise Linux 8 | Low | 3.7 | 2023-12-18 23:27:49 | Deep Dive |
| CVE-2023-6927 | Keycloak: open redirect via "form_post.jwt" jarm response mode | Red Hat | Red Hat build of Keycloak 22 | Medium | 4.6 | 2023-12-18 22:59:07 | Deep Dive |
| CVE-2023-5384 | Infinispan: credentials returned from configuration as clear text | Red Hat | Red Hat Data Grid 8.4.6 | High | 7.2 | 2023-12-18 13:43:09 | Deep Dive |
| CVE-2023-6228 | Libtiff: heap-based buffer overflow in cpstriptotile() in tools/tiffcp.c | Red Hat | Red Hat Enterprise Linux 8 | Low | 3.3 | 2023-12-18 13:43:09 | Deep Dive |
| CVE-2023-3628 | Infinispan: rest bulk ops don't check permissions | Red Hat | Red Hat Data Grid 8.4.4 | Medium | 6.5 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-3629 | Infinispan: non-admins should not be able to get cache config via rest api | Red Hat | Red Hat Data Grid 8.4.4 | Medium | 4.3 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-4320 | Satellite: arithmetic overflow in satellite | Red Hat | Red Hat Satellite 6.15 for RHEL 8 | High | 7.6 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-47038 | Perl: write past buffer end via illegal user-defined unicode property | - | - | High | 7.0 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-5056 | Skupper-operator: privilege escalation via config map | Red Hat | Service Interconnect 1 for RHEL 9 | Medium | 6.8 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-5115 | Ansible: malicious role archive can cause ansible-galaxy to overwrite arbitrary files | Red Hat | Red Hat Ansible Automation Platform 2.3 for RHEL 8 | Medium | 6.3 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-5236 | Infinispan: circular reference on marshalling leads to dos | Red Hat | Red Hat Data Grid 8.4.4 | Medium | 4.4 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-6134 | Keycloak: reflected xss via wildcard in oidc redirect_uri | Red Hat | Red Hat build of Keycloak 22 | Medium | 4.6 | 2023-12-14 21:42:12 | Deep Dive |
| CVE-2023-6563 | Keycloak: offline session token dos | Red Hat | Red Hat Single Sign-On 7.6 for RHEL 7 | High | 7.7 | 2023-12-14 18:01:26 | Deep Dive |
| CVE-2023-6377 | Xorg-x11-server: out-of-bounds memory reads/writes in xkb button actions | Red Hat | Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION | High | 7.8 | 2023-12-13 06:27:41 | Deep Dive |
| CVE-2023-6478 | Xorg-x11-server: out-of-bounds memory read in rrchangeoutputproperty and rrchangeproviderproperty | Red Hat | Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION | High | 7.6 | 2023-12-13 06:27:41 | Deep Dive |
| CVE-2023-6710 | Mod_cluster/mod_proxy_cluster: stored cross site scripting | Red Hat | JBoss Core Services for RHEL 8 | Medium | 5.4 | 2023-12-12 22:01:34 | Deep Dive |