Vulnerabilities > Redhat > High

DATE CVE VULNERABILITY TITLE RISK
2022-06-16 CVE-2022-32545 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed.
local
low complexity
imagemagick redhat fedoraproject CWE-190
7.8
7.8
2022-06-16 CVE-2022-32546 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed.
local
low complexity
imagemagick redhat fedoraproject CWE-190
7.8
7.8
2022-06-16 CVE-2022-32547 Incorrect Type Conversion or Cast vulnerability in multiple products
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c.
local
low complexity
imagemagick redhat fedoraproject CWE-704
7.8
7.8
2022-06-16 CVE-2021-41411 XXE vulnerability in Redhat Drools 6.1.0
drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java.
network
low complexity
redhat CWE-611
7.5
7.5
2022-06-09 CVE-2022-1998 Use After Free vulnerability in multiple products
A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user().
local
low complexity
linux fedoraproject redhat netapp CWE-416
7.8
7.8
2022-06-07 CVE-2022-1708 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API.
network
low complexity
kubernetes fedoraproject redhat CWE-770
7.5
7.5
2022-06-02 CVE-2022-1652 Use After Free vulnerability in multiple products
Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function.
local
low complexity
linux redhat debian netapp CWE-416
7.8
7.8
2022-06-02 CVE-2022-1949 Authorization Bypass Through User-Controlled Key vulnerability in multiple products
An access control bypass vulnerability found in 389-ds-base.
network
low complexity
port389 redhat fedoraproject CWE-639
7.5
7.5
2022-05-24 CVE-2021-3717 Files or Directories Accessible to External Parties vulnerability in Redhat products
A flaw was found in Wildfly.
local
low complexity
redhat CWE-552
7.8
7.8
2022-05-02 CVE-2021-3750 Use After Free vulnerability in multiple products
A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU.
local
low complexity
qemu redhat CWE-416
8.2
8.2