Vulnerabilities > Redhat > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-05 | CVE-2022-3715 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. | 7.8 |
| 2022-12-21 | CVE-2022-38065 | Improper Privilege Management vulnerability in Redhat Openstack A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git master 05194e7618 and prior. | 8.8 |
| 2022-12-19 | CVE-2022-3775 | Out-of-bounds Write vulnerability in multiple products When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. | 7.1 |
| 2022-12-14 | CVE-2022-2601 | Heap-based Buffer Overflow vulnerability in multiple products A buffer overflow was found in grub_font_construct_glyph(). | 8.6 |
| 2022-12-14 | CVE-2022-4283 | Use After Free vulnerability in multiple products A vulnerability was found in X.Org. | 7.8 |
| 2022-12-09 | CVE-2022-3259 | Improper Initialization vulnerability in Redhat Openshift 4.9 Openshift 4.9 does not use HTTP Strict Transport Security (HSTS) which may allow man-in-the-middle (MITM) attacks. | 7.4 |
| 2022-12-08 | CVE-2022-3262 | Insecure Default Initialization of Resource vulnerability in Redhat Openshift 4.9 A flaw was found in Openshift. | 8.1 |
| 2022-10-28 | CVE-2022-3697 | Unspecified vulnerability in Redhat Ansible and Ansible Collection A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. | 7.5 |
| 2022-10-19 | CVE-2013-4253 | Exposure of Resource to Wrong Sphere vulnerability in Redhat Openshift 1.0 The deployment script in the unsupported "OpenShift Extras" set of add-on scripts, in Red Hat Openshift 1, installs a default public key in the root user's authorized_keys file. | 7.5 |
| 2022-10-19 | CVE-2022-1414 | Improper Input Validation vulnerability in Redhat 3Scale API Management 2.0 3scale API Management 2 does not perform adequate sanitation for user input in multiple fields. | 8.8 |