Vulnerabilities > Redhat

DATE CVE VULNERABILITY TITLE RISK
2022-05-18 CVE-2022-30600 Incorrect Calculation vulnerability in multiple products
A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed.
network
low complexity
moodle redhat fedoraproject CWE-682
critical
 9.8
9.8
2022-05-18 CVE-2022-30596 Cross-site Scripting vulnerability in multiple products
A flaw was found in moodle where ID numbers displayed when bulk allocating markers to assignments required additional sanitizing to prevent a stored XSS risk.
network
low complexity
moodle redhat fedoraproject CWE-79
5.4
5.4
2022-05-17 CVE-2022-1706 Incorrect Authorization vulnerability in multiple products
A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products.
network
low complexity
redhat fedoraproject CWE-863
6.5
6.5
2022-05-16 CVE-2022-1586 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file.
network
low complexity
pcre fedoraproject redhat netapp CWE-125
critical
 9.1
9.1
2022-05-16 CVE-2022-1587 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file.
network
low complexity
pcre redhat fedoraproject netapp CWE-125
critical
 9.1
9.1
2022-05-11 CVE-2021-3611 A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU.
local
low complexity
qemu redhat
6.5
6.5
2022-05-10 CVE-2022-0866 Incorrect Authorization vulnerability in Redhat products
This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal.
network
low complexity
redhat CWE-863
5.3
5.3
2022-05-02 CVE-2021-3750 A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU.
local
low complexity
qemu redhat
8.2
8.2
2022-04-29 CVE-2021-4206 Incorrect Calculation of Buffer Size vulnerability in multiple products
A flaw was found in the QXL display device emulation in QEMU.
local
low complexity
qemu redhat debian CWE-131
8.2
8.2
2022-04-29 CVE-2021-4207 Classic Buffer Overflow vulnerability in multiple products
A flaw was found in the QXL display device emulation in QEMU.
local
low complexity
qemu redhat debian CWE-120
8.2
8.2