Vulnerabilities > Redhat > Enterprise Linux > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-11-03 CVE-2023-3961 Path Traversal vulnerability in multiple products
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory.
network
low complexity
samba redhat fedoraproject CWE-22
critical
 9.8
9.8
2023-11-01 CVE-2023-5178 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel.
network
low complexity
linux redhat netapp CWE-416
critical
 9.8
9.8
2023-05-30 CVE-2023-34152 OS Command Injection vulnerability in multiple products
A vulnerability was found in ImageMagick.
network
low complexity
imagemagick fedoraproject redhat CWE-78
critical
 9.8
9.8
2022-05-18 CVE-2022-30600 Incorrect Calculation vulnerability in multiple products
A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed.
network
low complexity
moodle redhat fedoraproject CWE-682
critical
 9.8
9.8
2022-05-18 CVE-2022-30599 SQL Injection vulnerability in multiple products
A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria.
network
low complexity
moodle redhat fedoraproject CWE-89
critical
 9.8
9.8
2022-05-16 CVE-2022-1587 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file.
network
low complexity
pcre redhat fedoraproject netapp CWE-125
critical
 9.1
9.1
2022-05-16 CVE-2022-1586 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file.
network
low complexity
pcre fedoraproject redhat netapp CWE-125
critical
 9.1
9.1
2022-02-18 CVE-2021-3657 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in mbsync versions prior to 1.4.4.
network
low complexity
isync-project fedoraproject redhat debian CWE-119
critical
 9.8
9.8
2022-02-18 CVE-2021-20325 Server-Side Request Forgery (SSRF) vulnerability in Redhat Enterprise Linux 8.5.0
Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, causes a security regression compared to the versions shipped in Red Hat Enterprise Linux 8.4.
network
low complexity
redhat CWE-918
critical
 9.8
9.8
2022-02-16 CVE-2021-3773 A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks.
network
low complexity
linux fedoraproject redhat oracle
critical
 9.8
9.8