Vulnerabilities > Redhat > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-05 | CVE-2022-1158 | Use After Free vulnerability in multiple products A flaw was found in KVM. | 7.8 |
| 2022-08-05 | CVE-2022-2668 | Unspecified vulnerability in Redhat Keycloak and Single Sign-On An issue was discovered in Keycloak that allows arbitrary Javascript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled | 7.2 |
| 2022-08-05 | CVE-2022-2053 | Resource Exhaustion vulnerability in Redhat Integration Camel K, Jboss Fuse and Undertow When a POST request comes through AJP and the request exceeds the max-post-size limit (maxEntitySize), Undertow's AjpServerRequestConduit implementation closes a connection without sending any response to the client/proxy. | 7.5 |
| 2022-08-01 | CVE-2022-2509 | Double Free vulnerability in multiple products A vulnerability found in gnutls. | 7.5 |
| 2022-07-06 | CVE-2021-3697 | Out-of-bounds Write vulnerability in multiple products A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. | 7.0 |
| 2022-07-01 | CVE-2014-3648 | Resource Exhaustion vulnerability in Redhat Jboss Aerogear 1.0.0 The simplepush server iterates through the application installations and pushes a notification to the server provided by deviceToken. | 7.5 |
| 2022-06-21 | CVE-2022-1665 | Unspecified vulnerability in Redhat Enterprise Linux 8.0 A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can be booted by the grub in Secure Boot mode even though it shouldn't. | 8.2 |
| 2022-06-21 | CVE-2022-1833 | Incorrect Default Permissions vulnerability in Redhat AMQ Broker 7.9.4 A flaw was found in AMQ Broker Operator 7.9.4 installed via UI using OperatorHub where a low-privilege user that has access to the namespace where the AMQ Operator is deployed has access to clusterwide edit rights by checking the secrets. | 8.8 |
| 2022-06-16 | CVE-2022-32545 | Integer Overflow or Wraparound vulnerability in multiple products A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. | 7.8 |
| 2022-06-16 | CVE-2022-32546 | Integer Overflow or Wraparound vulnerability in multiple products A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. | 7.8 |