Vulnerabilities > Redhat > Enterprise Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-06-30 CVE-2022-1852 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c.
local
low complexity
linux redhat CWE-476
5.5
5.5
2022-06-30 CVE-2022-2078 A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code.
local
low complexity
linux redhat debian
5.5
5.5
2022-06-02 CVE-2022-1462 An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem.
local
high complexity
linux redhat debian
6.3
6.3
2022-06-02 CVE-2022-1789 NULL Pointer Dereference vulnerability in multiple products
With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. 		6.8
6.8
2022-05-18 CVE-2022-30597 A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field.
network
low complexity
moodle redhat fedoraproject
5.3
5.3
2022-05-18 CVE-2022-30598 A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it.
network
low complexity
moodle redhat fedoraproject
4.3
4.3
2022-05-18 CVE-2022-30596 Cross-site Scripting vulnerability in multiple products
A flaw was found in moodle where ID numbers displayed when bulk allocating markers to assignments required additional sanitizing to prevent a stored XSS risk.
network
low complexity
moodle redhat fedoraproject CWE-79
5.4
5.4
2022-05-17 CVE-2022-1706 Incorrect Authorization vulnerability in multiple products
A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products.
network
low complexity
redhat fedoraproject CWE-863
6.5
6.5
2022-05-11 CVE-2021-3611 A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU.
local
low complexity
qemu redhat
6.5
6.5
2022-04-29 CVE-2022-0984 Incorrect Authorization vulnerability in multiple products
Users with the capability to configure badge criteria (teachers and managers by default) were able to configure course badges with profile field criteria, which should only be available for site badges.
network
low complexity
moodle fedoraproject redhat CWE-863
4.3
4.3