Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-03	CVE-2023-3961	Path Traversal vulnerability in multiple products A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. network low complexity samba redhat fedoraproject CWE-22 critical	9.8
2023-05-30	CVE-2023-34152	OS Command Injection vulnerability in multiple products A vulnerability was found in ImageMagick. network low complexity imagemagick fedoraproject redhat CWE-78 critical	9.8
2022-05-18	CVE-2022-30600	Incorrect Calculation vulnerability in multiple products A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed. network low complexity moodle redhat fedoraproject CWE-682 critical	9.8
2022-05-18	CVE-2022-30599	SQL Injection vulnerability in multiple products A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria. network low complexity moodle redhat fedoraproject CWE-89 critical	9.8
2022-05-16	CVE-2022-1587	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. network low complexity pcre redhat fedoraproject netapp CWE-125 critical	9.1
2022-05-16	CVE-2022-1586	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. network low complexity pcre fedoraproject redhat netapp CWE-125 critical	9.1
2022-02-18	CVE-2021-3657	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in mbsync versions prior to 1.4.4. network low complexity isync-project fedoraproject redhat debian CWE-119 critical	9.8
2022-02-18	CVE-2021-20325	Server-Side Request Forgery (SSRF) vulnerability in Redhat Enterprise Linux 8.5.0 Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, causes a security regression compared to the versions shipped in Red Hat Enterprise Linux 8.4. network low complexity redhat CWE-918 critical	9.8
2022-02-16	CVE-2021-3773	A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks. network low complexity linux fedoraproject redhat oracle critical	9.8
2021-12-08	CVE-2021-4048	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. network low complexity lapack-project openblas-project julialang redhat fedoraproject CWE-125 critical	9.1