Vulnerabilities > Redhat > Low

DATE CVE VULNERABILITY TITLE RISK
2023-06-06 CVE-2023-2602 Memory Leak vulnerability in multiple products
A vulnerability was found in the pthread_create() function in libcap.
3.3
2023-03-23 CVE-2023-1513 Improper Initialization vulnerability in multiple products
A flaw was found in KVM.
local
low complexity
linux fedoraproject redhat CWE-665
3.3
2023-03-06 CVE-2022-4134 Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products
A flaw was found in openstack-glance.
local
low complexity
openstack redhat CWE-829
2.8
2023-03-03 CVE-2022-41862 In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption.
network
high complexity
postgresql fedoraproject redhat
3.7
2023-01-13 CVE-2023-0091 Incorrect Authorization vulnerability in Redhat Keycloak
A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow.
network
low complexity
redhat CWE-863
3.8
2022-10-17 CVE-2017-7517 Improper Input Validation vulnerability in Redhat Openshift 3.0
An input validation vulnerability exists in Openshift Enterprise due to a 1:1 mapping of tenants in Hawkular Metrics and projects/namespaces in OpenShift.
network
low complexity
redhat CWE-20
3.5
2022-09-01 CVE-2022-2256 Cross-site Scripting vulnerability in Redhat Single Sign-On 7.0
A Stored Cross-site scripting (XSS) vulnerability was found in keycloak as shipped in Red Hat Single Sign-On 7.
network
low complexity
redhat CWE-79
3.8
2022-08-24 CVE-2021-4217 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in unzip.
local
low complexity
unzip-project fedoraproject redhat CWE-476
3.3
2022-08-17 CVE-2020-14394 Infinite Loop vulnerability in multiple products
An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring.
local
low complexity
qemu fedoraproject redhat CWE-835
3.2
2022-07-01 CVE-2014-3650 Cross-site Scripting vulnerability in Redhat Jboss Aerogear 1.0.0
Multiple persistent cross-site scripting (XSS) flaws were found in the way Aerogear handled certain user-supplied content.
network
redhat CWE-79
3.5