Vulnerabilities > Redhat > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-05 | CVE-2022-2053 | Resource Exhaustion vulnerability in Redhat Integration Camel K, Jboss Fuse and Undertow When a POST request comes through AJP and the request exceeds the max-post-size limit (maxEntitySize), Undertow's AjpServerRequestConduit implementation closes a connection without sending any response to the client/proxy. | 7.5 |
| 2022-08-01 | CVE-2022-2509 | Double Free vulnerability in multiple products A vulnerability found in gnutls. | 7.5 |
| 2022-07-06 | CVE-2021-3697 | Out-of-bounds Write vulnerability in multiple products A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. | 7.0 |
| 2022-07-01 | CVE-2014-3648 | Resource Exhaustion vulnerability in Redhat Jboss Aerogear 1.0.0 The simplepush server iterates through the application installations and pushes a notification to the server provided by deviceToken. | 7.5 |
| 2022-06-21 | CVE-2022-1665 | Unspecified vulnerability in Redhat Enterprise Linux 8.0 A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can be booted by the grub in Secure Boot mode even though it shouldn't. | 8.2 |
| 2022-06-21 | CVE-2022-1833 | Incorrect Default Permissions vulnerability in Redhat AMQ Broker 7.9.4 A flaw was found in AMQ Broker Operator 7.9.4 installed via UI using OperatorHub where a low-privilege user that has access to the namespace where the AMQ Operator is deployed has access to clusterwide edit rights by checking the secrets. | 8.8 |
| 2022-06-16 | CVE-2022-32545 | Integer Overflow or Wraparound vulnerability in multiple products A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. | 7.8 |
| 2022-06-16 | CVE-2022-32546 | Integer Overflow or Wraparound vulnerability in multiple products A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. | 7.8 |
| 2022-06-16 | CVE-2022-32547 | Incorrect Type Conversion or Cast vulnerability in multiple products In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. | 7.8 |
| 2022-06-09 | CVE-2022-1998 | Use After Free vulnerability in multiple products A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). | 7.8 |