Vulnerabilities > Redhat > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
| --- | --- | --- | --- |
| 2023-09-15 | CVE-2023-0923 | Missing Authorization vulnerability in Redhat Openshift Data Science. A flaw was found in the Kubernetes service for notebooks in RHODS, where it does not prevent pods from other namespaces and applications from making requests to the Jupyter API. (network; low complexity; redhat; CWE-862) | critical 9.8 9.8 |
| 2023-05-30 | CVE-2023-34152 | OS Command Injection vulnerability in multiple products. A vulnerability was found in ImageMagick. (network; low complexity; imagemagick, fedoraproject, redhat; CWE-78) | critical 9.8 9.8 |
| 2023-05-17 | CVE-2023-2319 | It was discovered that an update for PCS package in RHBA-2023:2151 erratum released as part of Red Hat Enterprise Linux 9.2 failed to include the fix for the Webpack issue CVE-2023-28154 (for PCS package), which was previously addressed in Red Hat Enterprise Linux 9.1 via erratum RHSA-2023:1591. (network; low complexity; clusterlabs, redhat) | critical 9.8 9.8 |
| 2023-01-13 | CVE-2022-3782 | Path Traversal vulnerability in Redhat Keycloak 20.0.2. keycloak: path traversal via double URL encoding. (network; low complexity; redhat; CWE-22) | critical 9.1 9.1 |
| 2022-11-22 | CVE-2022-4116 | A vulnerability was found in quarkus. (network; low complexity; redhat, quarkus) | critical 9.8 9.8 |
| 2022-08-22 | CVE-2020-27836 | Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openshift Container Platform 4.6. A flaw was found in cluster-ingress-operator. (network; low complexity; redhat; CWE-732) | critical 9.8 9.8 |
| 2022-08-22 | CVE-2021-3586 | Insecure Default Initialization of Resource vulnerability in Redhat Openshift Service Mesh and Servicemesh-Operator. A flaw was found in servicemesh-operator. (network; low complexity; redhat; CWE-1188) | critical 9.8 9.8 |
| 2022-08-10 | CVE-2022-2457 | Improper Restriction of Excessive Authentication Attempts vulnerability in Redhat Process Automation Manager 7.0/7.5.1. A flaw was found in Red Hat Process Automation Manager 7 where an attacker can benefit from a brute force attack against Administration Console as the application does not limit the number of unsuccessful login attempts. (network; low complexity; redhat; CWE-307) | critical 9.8 9.8 |
| 2022-07-25 | CVE-2022-0670 | A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. (network; low complexity; linuxfoundation, redhat, fedoraproject) | critical 9.1 9.1 |
| 2022-07-08 | CVE-2022-1245 | Authorization Bypass Through User-Controlled Key vulnerability in Redhat Keycloak. A privilege escalation flaw was found in the token exchange feature of keycloak. (network; low complexity; redhat; CWE-639) | critical 9.8 9.8 |