Vulnerabilities > Redhat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-29 | CVE-2022-1055 | Use After Free vulnerability in multiple products A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. | 7.8 |
| 2022-03-25 | CVE-2021-20323 | Cross-site Scripting vulnerability in Redhat Keycloak A POST based reflected Cross Site Scripting vulnerability on has been identified in Keycloak. | 6.1 |
| 2022-03-25 | CVE-2021-3814 | Missing Authorization vulnerability in Redhat 3Scale It was found that 3scale's APIdocs does not validate the access token, in the case of invalid token, it uses session auth instead. | 7.5 |
| 2022-03-25 | CVE-2021-3941 | In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the divisor is not checked for a 0 value. | 6.5 |
| 2022-03-25 | CVE-2021-4147 | Improper Locking vulnerability in multiple products A flaw was found in the libvirt libxl driver. | 6.5 |
| 2022-03-25 | CVE-2022-0330 | A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. | 7.8 |
| 2022-03-25 | CVE-2022-0435 | Out-of-bounds Write vulnerability in multiple products A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. | 8.8 |
| 2022-03-25 | CVE-2022-0759 | Improper Certificate Validation vulnerability in Redhat Kubeclient A flaw was found in all versions of kubeclient up to (but not including) v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. | 8.1 |
| 2022-03-25 | CVE-2022-0897 | A flaw was found in the libvirt nwfilter driver. | 4.3 |
| 2022-03-23 | CVE-2021-3589 | Missing Authentication for Critical Function vulnerability in multiple products An authorization flaw was found in Foreman Ansible. | 8.0 |