Vulnerabilities > Redhat > Enterprise Linux Server > High

DATE CVE VULNERABILITY TITLE RISK
2023-02-01 CVE-2022-4254 sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
network
low complexity
fedoraproject redhat
8.8
2022-09-29 CVE-2014-0144 Improper Input Validation vulnerability in multiple products
QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privileges of the QEMU process.
local
low complexity
qemu redhat CWE-20
8.6
2022-09-01 CVE-2022-2738 The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-8945, which was previously fixed via RHSA-2020:2117.
network
high complexity
redhat podman-project
7.5
2022-04-29 CVE-2022-1227 Improper Privilege Management vulnerability in multiple products
A privilege escalation flaw was found in Podman.
8.8
2022-03-25 CVE-2022-0330 A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU.
local
low complexity
linux redhat fedoraproject netapp
7.8
2022-03-04 CVE-2021-3656 Missing Authorization vulnerability in multiple products
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization.
local
low complexity
linux fedoraproject redhat CWE-862
8.8
2022-02-21 CVE-2021-44142 Out-of-bounds Write vulnerability in multiple products
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes.
8.8
2022-02-18 CVE-2020-25717 Improper Input Validation vulnerability in multiple products
A flaw was found in the way Samba maps domain users to local users.
network
low complexity
samba debian fedoraproject redhat canonical CWE-20
8.1
2022-02-18 CVE-2021-4091 Double Free vulnerability in multiple products
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches.
network
low complexity
port389 redhat CWE-415
7.5
2022-01-28 CVE-2021-4034 Out-of-bounds Write vulnerability in multiple products
A local privilege escalation vulnerability was found on polkit's pkexec utility.
7.8