Vulnerabilities > Redhat > Enterprise Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-25 | CVE-2021-4145 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions prior to 6.2.0. | 6.5 |
| 2022-01-20 | CVE-2021-45417 | Out-of-bounds Write vulnerability in multiple products AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow. local low complexity advanced-intrusion-detection-environment-project redhat fedoraproject canonical debian CWE-787 | 7.8 |
| 2022-01-13 | CVE-2022-21682 | Path Traversal vulnerability in multiple products Flatpak is a Linux application sandboxing and distribution framework. | 6.5 |
| 2022-01-12 | CVE-2021-43860 | Incorrect Default Permissions vulnerability in multiple products Flatpak is a Linux application sandboxing and distribution framework. | 8.6 |
| 2022-01-01 | CVE-2021-41819 | Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. | 7.5 |
| 2022-01-01 | CVE-2021-41817 | Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. | 7.5 |
| 2021-12-25 | CVE-2021-4166 | vim is vulnerable to Out-of-bounds Read | 7.1 |
| 2021-12-23 | CVE-2021-3621 | OS Command Injection vulnerability in multiple products A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. | 8.8 |
| 2021-12-23 | CVE-2021-3622 | A flaw was found in the hivex library. | 4.3 |
| 2021-12-23 | CVE-2021-4024 | Origin Validation Error vulnerability in multiple products A flaw was found in podman. | 6.5 |