Vulnerabilities > Redhat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-22 | CVE-2021-3586 | Insecure Default Initialization of Resource vulnerability in Redhat Openshift Service Mesh and Servicemesh-Operator A flaw was found in servicemesh-operator. | 9.8 |
| 2022-08-22 | CVE-2021-3590 | Cleartext Transmission of Sensitive Information vulnerability in multiple products A flaw was found in Foreman project. | 8.8 |
| 2022-08-22 | CVE-2021-3659 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. | 5.5 |
| 2022-08-22 | CVE-2022-2873 | Incorrect Calculation of Buffer Size vulnerability in multiple products An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. | 5.5 |
| 2022-08-18 | CVE-2022-2568 | Improper Privilege Management vulnerability in Redhat Ansible Automation Platform 2.0/2.1/2.2 A privilege escalation flaw was found in the Ansible Automation Platform. | 6.5 |
| 2022-08-18 | CVE-2022-2625 | A vulnerability was found in PostgreSQL. | 8.0 |
| 2022-08-17 | CVE-2020-14394 | Infinite Loop vulnerability in multiple products An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. | 3.2 |
| 2022-08-16 | CVE-2020-14379 | XXE vulnerability in Redhat Jboss A-Mq 7 A flaw was found in Red Hat AMQ Broker in a way that a XEE attack can be done via Broker's configuration files, leading to denial of service and information disclosure. | 5.6 |
| 2022-08-10 | CVE-2022-2457 | Improper Restriction of Excessive Authentication Attempts vulnerability in Redhat Process Automation Manager 7.0/7.5.1 A flaw was found in Red Hat Process Automation Manager 7 where an attacker can benefit from a brute force attack against Administration Console as the application does not limit the number of unsuccessful login attempts. | 9.8 |
| 2022-08-10 | CVE-2022-2458 | XXE vulnerability in Redhat Process Automation Manager 7.0/7.5.1 XML external entity injection(XXE) is a vulnerability that allows an attacker to interfere with an application's processing of XML data. | 8.2 |