Vulnerabilities > Redhat
DATE | CVE | VULNERABILITY TITLE | RISK
---|---|---|---
2022-08-18 | CVE-2022-2625 | A vulnerability was found in PostgreSQL. | 8.0 |
2022-08-17 | CVE-2020-14394 | Infinite Loop vulnerability in multiple products. An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. | 3.2 |
2022-08-16 | CVE-2020-14379 | XXE vulnerability in Redhat Jboss A-Mq 7. A flaw was found in Red Hat AMQ Broker in a way that an XEE attack can be done via Broker's configuration files, leading to denial of service and information disclosure. | 5.6 |
2022-08-10 | CVE-2022-2457 | Improper Restriction of Excessive Authentication Attempts vulnerability in Redhat Process Automation Manager 7.0/7.5.1. A flaw was found in Red Hat Process Automation Manager 7 where an attacker can benefit from a brute force attack against the Administration Console, as the application does not limit the number of unsuccessful login attempts. | 9.8 |
2022-08-10 | CVE-2022-2458 | XXE vulnerability in Redhat Process Automation Manager 7.0/7.5.1. XML external entity injection (XXE) is a vulnerability that allows an attacker to interfere with an application's processing of XML data. | 8.2 |
2022-08-05 | CVE-2022-1158 | Use After Free vulnerability in multiple products. A flaw was found in KVM. | 7.8 |
2022-08-05 | CVE-2022-2668 | Unspecified vulnerability in Redhat Keycloak and Single Sign-On. An issue was discovered in Keycloak that allows arbitrary JavaScript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled. | 7.2 |
2022-08-05 | CVE-2022-2053 | Resource Exhaustion vulnerability in Redhat Integration Camel K, Jboss Fuse and Undertow. When a POST request comes through AJP and the request exceeds the max-post-size limit (maxEntitySize), Undertow's AjpServerRequestConduit implementation closes a connection without sending any response to the client/proxy. | 7.5 |
2022-08-01 | CVE-2022-2509 | Double Free vulnerability in multiple products. A vulnerability found in gnutls. | 7.5 |
2022-07-25 | CVE-2022-35651 | Cross-site Scripting vulnerability in multiple products. A stored XSS and blind SSRF vulnerability was found in Moodle; it occurs due to insufficient sanitization of user-supplied data in the SCORM track details. | 6.1 |