Vulnerabilities > Redhat > Enterprise Linux > High

DATE CVE VULNERABILITY TITLE RISK
2023-03-06 CVE-2022-4904 Improper Validation of Specified Quantity in Input vulnerability in multiple products
A flaw was found in the c-ares package.
network
low complexity
c-ares-project redhat fedoraproject CWE-1284
8.6
8.6
2023-03-03 CVE-2023-27561 Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products
runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go.
local
high complexity
linuxfoundation redhat debian CWE-706
7.0
7.0
2023-02-15 CVE-2023-0361 Information Exposure Through Discrepancy vulnerability in multiple products
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS.
network
high complexity
gnu redhat debian fedoraproject netapp CWE-203
7.4
7.4
2023-02-01 CVE-2022-4254 sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
network
low complexity
fedoraproject redhat
8.8
8.8
2023-01-12 CVE-2022-4743 Memory Leak vulnerability in multiple products
A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in SDL_render_gles.c.
network
low complexity
libsdl redhat CWE-401
7.5
7.5
2023-01-05 CVE-2022-3715 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform.
local
low complexity
gnu redhat CWE-787
7.8
7.8
2022-12-19 CVE-2022-3775 When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size.
local
low complexity
gnu redhat
7.1
7.1
2022-12-14 CVE-2022-4283 Use After Free vulnerability in multiple products
A vulnerability was found in X.Org.
local
low complexity
x-org fedoraproject redhat debian CWE-416
7.8
7.8
2022-10-14 CVE-2022-2963 Memory Leak vulnerability in multiple products
A vulnerability found in jasper.
network
low complexity
jasper-project fedoraproject redhat CWE-401
7.5
7.5
2022-09-13 CVE-2022-2989 An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
local
low complexity
podman-project redhat
7.1
7.1