Vulnerabilities > Redhat > Enterprise Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-01 | CVE-2022-2509 | Double Free vulnerability in multiple products A vulnerability found in gnutls. | 7.5 |
| 2022-07-06 | CVE-2021-3697 | Out-of-bounds Write vulnerability in multiple products A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. | 7.0 |
| 2022-06-21 | CVE-2022-1665 | Unspecified vulnerability in Redhat Enterprise Linux 8.0 A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can be booted by the grub in Secure Boot mode even though it shouldn't. | 8.2 |
| 2022-06-16 | CVE-2022-32545 | Integer Overflow or Wraparound vulnerability in multiple products A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. | 7.8 |
| 2022-06-16 | CVE-2022-32546 | Integer Overflow or Wraparound vulnerability in multiple products A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. | 7.8 |
| 2022-06-16 | CVE-2022-32547 | Incorrect Type Conversion or Cast vulnerability in multiple products In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. | 7.8 |
| 2022-06-09 | CVE-2022-1998 | Use After Free vulnerability in multiple products A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). | 7.8 |
| 2022-06-07 | CVE-2022-1708 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. | 7.5 |
| 2022-06-02 | CVE-2022-1652 | Use After Free vulnerability in multiple products Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. | 7.8 |
| 2022-06-02 | CVE-2022-1949 | Authorization Bypass Through User-Controlled Key vulnerability in multiple products An access control bypass vulnerability found in 389-ds-base. | 7.5 |