Vulnerabilities > Redhat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-19 | CVE-2013-4281 | Unspecified vulnerability in Redhat Openshift 1.0 In Red Hat Openshift 1, weak default permissions are applied to the /etc/openshift/server_priv.pem file on the broker server, which could allow users with local access to the broker to read this file. | 5.5 |
| 2022-10-19 | CVE-2022-1414 | Improper Input Validation vulnerability in Redhat 3Scale API Management 2.0 3scale API Management 2 does not perform adequate sanitation for user input in multiple fields. | 8.8 |
| 2022-10-19 | CVE-2022-2805 | Unspecified vulnerability in Redhat Virtualization 4.0 A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. | 6.5 |
| 2022-10-17 | CVE-2017-7517 | Unspecified vulnerability in Redhat Openshift 3.0 An input validation vulnerability exists in Openshift Enterprise due to a 1:1 mapping of tenants in Hawkular Metrics and projects/namespaces in OpenShift. | 3.5 |
| 2022-10-17 | CVE-2019-14840 | Unspecified vulnerability in Redhat Decision Manager 7.0 A flaw was found in the RHDM, where sensitive HTML form fields like Password has auto-complete enabled which may lead to leak of credentials. | 7.5 |
| 2022-10-17 | CVE-2019-14841 | Improper Preservation of Permissions vulnerability in Redhat Decision Manager and Process Automation A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. | 8.8 |
| 2022-10-14 | CVE-2022-2850 | NULL Pointer Dereference vulnerability in multiple products A flaw was found In 389-ds-base. | 6.5 |
| 2022-10-14 | CVE-2022-2963 | Memory Leak vulnerability in multiple products A vulnerability found in jasper. | 7.5 |
| 2022-10-07 | CVE-2020-15855 | Cross-site Scripting vulnerability in Redhat Bodhi Two cross-site scripting vulnerabilities were fixed in Bodhi 5.6.1. | 6.1 |
| 2022-09-29 | CVE-2014-0144 | Improper Input Validation vulnerability in multiple products QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privileges of the QEMU process. | 8.6 |