Vulnerabilities > Redhat > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-08 | CVE-2022-3262 | Insecure Default Initialization of Resource vulnerability in Redhat Openshift 4.9 A flaw was found in Openshift. | 8.1 |
| 2022-10-28 | CVE-2022-3697 | Unspecified vulnerability in Redhat Ansible and Ansible Collection A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. | 7.5 |
| 2022-10-19 | CVE-2013-4253 | Exposure of Resource to Wrong Sphere vulnerability in Redhat Openshift 1.0 The deployment script in the unsupported "OpenShift Extras" set of add-on scripts, in Red Hat Openshift 1, installs a default public key in the root user's authorized_keys file. | 7.5 |
| 2022-10-19 | CVE-2022-1414 | Improper Input Validation vulnerability in Redhat 3Scale API Management 2.0 3scale API Management 2 does not perform adequate sanitation for user input in multiple fields. | 8.8 |
| 2022-10-17 | CVE-2019-14840 | Unspecified vulnerability in Redhat Decision Manager 7.0 A flaw was found in the RHDM, where sensitive HTML form fields like Password has auto-complete enabled which may lead to leak of credentials. | 7.5 |
| 2022-10-17 | CVE-2019-14841 | Improper Preservation of Permissions vulnerability in Redhat Decision Manager and Process Automation A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. | 8.8 |
| 2022-10-14 | CVE-2022-2963 | Memory Leak vulnerability in multiple products A vulnerability found in jasper. | 7.5 |
| 2022-09-29 | CVE-2014-0144 | Improper Input Validation vulnerability in multiple products QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privileges of the QEMU process. | 8.6 |
| 2022-09-13 | CVE-2022-1278 | Insecure Default Initialization of Resource vulnerability in Redhat products A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain. | 7.5 |
| 2022-09-13 | CVE-2022-2989 | An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container. | 7.1 |