Vulnerabilities > Redhat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-18 | CVE-2021-3930 | Off-by-one Error vulnerability in multiple products An off-by-one error was found in the SCSI device emulation in QEMU. | 6.5 |
| 2022-02-18 | CVE-2021-3948 | Incorrect Default Permissions vulnerability in multiple products An incorrect default permissions vulnerability was found in the mig-controller. | 6.3 |
| 2022-02-18 | CVE-2021-4091 | Double Free vulnerability in multiple products A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. | 7.5 |
| 2022-02-18 | CVE-2021-4093 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). | 8.8 |
| 2022-02-18 | CVE-2022-0671 | Server-Side Request Forgery (SSRF) vulnerability in Redhat Vscode-Xml A flaw was found in vscode-xml in versions prior to 0.19.0. | 9.1 |
| 2022-02-16 | CVE-2021-3560 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. | 7.8 |
| 2022-02-16 | CVE-2021-3752 | Race Condition vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. | 7.1 |
| 2022-02-16 | CVE-2021-3753 | A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). | 4.7 |
| 2022-02-16 | CVE-2021-3773 | A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks. | 9.8 |
| 2022-02-16 | CVE-2021-3551 | Cleartext Storage of Sensitive Information vulnerability in multiple products A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. | 7.8 |