Vulnerabilities > Redhat

DATE CVE VULNERABILITY TITLE RISK
2022-11-29 CVE-2022-4144 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read flaw was found in the QXL display device emulation in QEMU.
local
low complexity
qemu fedoraproject redhat CWE-125
6.5
2022-11-22 CVE-2022-3500 Uncaught Exception vulnerability in multiple products
A vulnerability was found in keylime.
local
high complexity
keylime redhat fedoraproject CWE-248
5.1
2022-11-22 CVE-2022-4116 Code Injection vulnerability in Redhat Build of Quarkus
A vulnerability was found in quarkus.
network
low complexity
redhat CWE-94
critical
9.8
2022-11-08 CVE-2022-3821 Off-by-one Error vulnerability in multiple products
An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c.
5.5
2022-11-03 CVE-2022-3675 Missing Authorization vulnerability in Redhat Fedora Coreos 36.20220820.3.0
Fedora CoreOS supports setting a GRUB bootloader password using a Butane config.
local
low complexity
redhat CWE-862
5.5
2022-10-28 CVE-2022-3697 Unspecified vulnerability in Redhat Ansible and Ansible Collection
A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module.
network
low complexity
redhat
7.5
2022-10-25 CVE-2022-3644 Insufficiently Protected Credentials vulnerability in multiple products
The collection remote for pulp_ansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write mode via the API () instead of marking it as write only.
local
low complexity
pulpproject redhat CWE-522
5.5
2022-10-19 CVE-2013-4253 Exposure of Resource to Wrong Sphere vulnerability in Redhat Openshift 1.0
The deployment script in the unsupported "OpenShift Extras" set of add-on scripts, in Red Hat Openshift 1, installs a default public key in the root user's authorized_keys file.
network
low complexity
redhat CWE-668
7.5
2022-10-19 CVE-2013-4281 Incorrect Default Permissions vulnerability in Redhat Openshift 1.0
In Red Hat Openshift 1, weak default permissions are applied to the /etc/openshift/server_priv.pem file on the broker server, which could allow users with local access to the broker to read this file.
local
low complexity
redhat CWE-276
5.5
2022-10-19 CVE-2022-1414 Improper Input Validation vulnerability in Redhat 3Scale API Management 2.0
3scale API Management 2 does not perform adequate sanitation for user input in multiple fields.
network
low complexity
redhat CWE-20
8.8