Vulnerabilities > Redhat

DATE CVE VULNERABILITY TITLE RISK
2022-07-25 CVE-2022-35653 Cross-site Scripting vulnerability in multiple products
A reflected XSS issue was identified in the LTI module of Moodle.
network
low complexity
moodle fedoraproject redhat CWE-79
6.1
6.1
2022-07-25 CVE-2022-0670 A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system.
network
low complexity
linuxfoundation redhat fedoraproject
critical
 9.1
9.1
2022-07-22 CVE-2022-1655 Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openstack 16.2
An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack.
network
low complexity
redhat CWE-732
6.5
6.5
2022-07-14 CVE-2022-2393 A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled.
low complexity
pki-core-project redhat
5.7
5.7
2022-07-12 CVE-2022-2211 Classic Buffer Overflow vulnerability in multiple products
A vulnerability was found in libguestfs.
network
low complexity
libguestfs redhat CWE-120
6.5
6.5
2022-07-08 CVE-2022-1245 Authorization Bypass Through User-Controlled Key vulnerability in Redhat Keycloak
A privilege escalation flaw was found in the token exchange feature of keycloak.
network
low complexity
redhat CWE-639
critical
 9.8
9.8
2022-07-06 CVE-2014-8164 Improper Certificate Validation vulnerability in Redhat Cloudforms Management Engine 5.0
A insecure configuration for certificate verification (http.verify_mode = OpenSSL::SSL::VERIFY_NONE) may lead to verification bypass in Red Hat CloudForms 5.x.
network
low complexity
redhat CWE-295
critical
 9.1
9.1
2022-07-06 CVE-2021-3695 Out-of-bounds Write vulnerability in multiple products
A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area.
local
high complexity
gnu fedoraproject redhat netapp CWE-787
4.5
4.5
2022-07-06 CVE-2021-3696 Out-of-bounds Write vulnerability in multiple products
A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader.
local
high complexity
gnu redhat netapp CWE-787
4.5
4.5
2022-07-06 CVE-2021-3697 Out-of-bounds Write vulnerability in multiple products
A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap.
local
high complexity
gnu redhat CWE-787
7.0
7.0