Vulnerabilities > Redhat > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-13 | CVE-2022-3782 | Path Traversal vulnerability in Redhat Keycloak 20.0.2 keycloak: path traversal via double URL encoding. | 9.1 |
2022-11-22 | CVE-2022-4116 | Code Injection vulnerability in multiple products A vulnerability was found in quarkus. | 9.8 |
2022-05-18 | CVE-2022-30600 | Incorrect Calculation vulnerability in multiple products A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed. | 9.8 |
2022-05-18 | CVE-2022-30599 | SQL Injection vulnerability in multiple products A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria. | 9.8 |
2022-05-16 | CVE-2022-1587 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. | 9.1 |
2022-05-16 | CVE-2022-1586 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. | 9.1 |
2022-03-03 | CVE-2021-3762 | Path Traversal vulnerability in Redhat Clair and Quay A directory traversal vulnerability was found in the ClairCore engine of Clair. | 9.8 |
2022-02-21 | CVE-2021-44142 | Out-of-bounds Write vulnerability in multiple products The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. | 9.0 |
2022-02-18 | CVE-2021-3657 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in mbsync versions prior to 1.4.4. | 9.8 |
2022-02-18 | CVE-2021-20325 | Server-Side Request Forgery (SSRF) vulnerability in Redhat Enterprise Linux 8.5.0 Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, causes a security regression compared to the versions shipped in Red Hat Enterprise Linux 8.4. | 10.0 |