High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-29	CVE-2014-0144	Improper Input Validation vulnerability in multiple products QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privileges of the QEMU process. local low complexity qemu redhat CWE-20	8.6
2022-09-01	CVE-2022-2738	Use After Free vulnerability in multiple products The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-8945, which was previously fixed via RHSA-2020:2117. network high complexity redhat podman-project CWE-416	7.5
2022-04-29	CVE-2022-1227	Improper Privilege Management vulnerability in multiple products A privilege escalation flaw was found in Podman. network low complexity podman-project psgo-project redhat fedoraproject CWE-269	8.8
2022-03-25	CVE-2022-0330	Improper Preservation of Permissions vulnerability in multiple products A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. local low complexity linux redhat fedoraproject netapp CWE-281	7.8
2022-03-04	CVE-2021-3656	Missing Authorization vulnerability in multiple products A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. local low complexity linux fedoraproject redhat CWE-862	8.8
2022-02-21	CVE-2021-44142	Out-of-bounds Write vulnerability in multiple products The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. network low complexity samba debian canonical synology fedoraproject redhat CWE-787	8.8
2022-02-18	CVE-2020-25717	Improper Input Validation vulnerability in multiple products A flaw was found in the way Samba maps domain users to local users. network low complexity samba debian fedoraproject redhat canonical CWE-20	8.1
2022-02-18	CVE-2021-4091	Double Free vulnerability in multiple products A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. network low complexity port389 redhat CWE-415	7.5
2022-01-28	CVE-2021-4034	Out-of-bounds Write vulnerability in multiple products A local privilege escalation vulnerability was found on polkit's pkexec utility. local low complexity polkit-project redhat canonical suse oracle siemens starwindsoftware CWE-787	7.8
2020-10-27	CVE-2020-3864	Origin Validation Error vulnerability in multiple products A logic issue was addressed with improved validation. local low complexity apple redhat CWE-346	7.2